diff --git a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
index 8c090997fc..1909c44e6d 100644
--- a/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
+++ b/windows/keep-secure/enable-pua-windows-defender-for-windows-10.md
@@ -79,14 +79,13 @@ You can use PowerShell to detect PUA without blocking them. In fact, you can run
     a.  Click **Start**, type **powershell**, and press **Enter**.
 
     b.  Click **Windows PowerShell** to open the interface.
-    >[!NOTE]
-    >You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt.
-    
-2. Enter the PowerShell command to enable PUA in audit mode:
+    >[!NOTE]
+    >You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt.
+2. Enter the PowerShell command:
 
-  ```text
-  et-mpPreference -puaprotection 1
-  ```
+  ```text
+  et-mpPreference -puaprotection 2
+  ```
 
   
 ##View PUA events