From 64c69f0ae77f2c1f62e411241d3a284252ffd652 Mon Sep 17 00:00:00 2001
From: DulceMV <DulceMV@users.noreply.github.com>
Date: Mon, 15 Aug 2016 17:44:55 +1000
Subject: [PATCH] Updated PUA-intune instructions

---
 .../enable-pua-windows-defender-for-windows-10.md  | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
index 113656af14..cba4d031cd 100644
--- a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
+++ b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
@@ -73,6 +73,20 @@ You can use PowerShell to detect PUA without blocking them. In fact, you can run
 ###Use PUA audit mode in Intune
 
  You can detect PUA without blocking them from your client. Gain insights into what can be blocked.
+ 
+ 1. Open PowerShell as Administrator: <br>
+
+    a.  Click **Start**, type **powershell**, and press **Enter**.
+
+    b.  Click **Windows PowerShell** to open the interface.
+    > [!NOTE]
+    > You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt.
+    
+2. Enter the PowerShell command to enable audit mode:
+
+  ```text
+  et-mpPreference -puaprotection 1
+  
 
 ##View PUA events