diff --git a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md index 286b327ba1..57d8b9394e 100644 --- a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md +++ b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md @@ -32,7 +32,7 @@ Since the stakes are higher in an enterprise environment, the potential disaster ##Enable PUA protection in SCCM and Intune -The PUA feature is available for enterprise users who are running System Center Configuration Manager (SCCM) or Microsoft Intune in their infrastructure. +The PUA feature is available for enterprise users who are running System Center Configuration Manager (SCCM) or Intune in their infrastructure. ###Configure PUA in SCCM @@ -53,10 +53,7 @@ You can use PowerShell to detect PUA without blocking them. In fact, you can run a. Click **Start**, type **powershell**, and press **Enter**. b. Click **Windows PowerShell** to open the interface. - - > [!NOTE] - > You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. - + > **Note:**  You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. 2. Enter the PowerShell command: ```text @@ -89,13 +86,10 @@ You can find a complete list of the Microsoft antimalware event IDs, the symbol, ##What PUA notifications look like -When a detection occurs, end users who enabled the PUA detection feature will see the following notification:
+When a detection occurs, end users who enabled the PUA detection feature will see the following notification: -![Image showing the potentally unwanted application detection](images/pua1.png) -To see historical PUA detections that occurred on a PC, users can go to History, then **Quarantined items** or **All detected items**.
- -![Image showing the potentally unwanted application detection history](images/pua2.png) +To see historical PUA detections that occurred on a PC, users can go to History, then **Quarantined items** or **All detected items**. ##PUA threat file-naming convention @@ -105,6 +99,5 @@ When enabled, potentially unwanted applications are identified with threat names PUA protection quarantines the file so they won’t run. PUA will be blocked only at download or install-time. A file will be included for blocking if it has been identified as PUA and meets one of the following conditions: * The file is being scanned from the browser -* The file has [Mark of the Web](https://msdn.microsoft.com/en-us/library/ms537628%28v=vs.85%29.aspx) set * The file is in the %downloads% folder * Or if the file in the %temp% folder