Update troubleshoot-performance-issues.md

Author: denisebmsft

defender-endpoint/troubleshoot-performance-issues.md

@@ -53,7 +53,7 @@ First, you might want to check if other software is causing the issue. Read [Che
 |Component| Solution|
 | -------- | -------- |
 |Real-time protection (RTP) scanning | You can use [Troubleshooting mode](/defender-endpoint/enable-troubleshooting-mode) to turn off [Tamper Protection](/defender-endpoint/troubleshoot-problems-with-tamper-protection). Once Tamper Protection is turned off, you could turn off the "Real-time protection" temporarily, in order to rule it out.<br/><br/>See the previous section, [Common reasons for higher CPU utilization by Microsoft Defender Antivirus](#common-reasons-for-higher-cpu-utilization-by-microsoft-defender-antivirus). |
-|Scheduled scanning |Check your default scheduled scan settings<br/><br/>**General scheduled scan settings**.<br/><br/>- Configure low CPU priority for scheduled scans (Use low CPU priority for scheduled scans). <br/>The thread priority in Windows for normal scans has two values: 8 (lower) and 9 (higher). By setting this to enabled, you are lowering the scheduled scan thread priority from 9 to 8, which enables other application threads to run with a higher priority, thus getting more cpu time than Microsoft Defender Antivirus. <br/><br/>- Specify the maximum percentage of CPU utilization during a scan (CPU usage limit per scan). 50 is the default setting; you can lower it to 20 or 30%. <br/>Note that if you have a change control window, by modifying the amount of cpu that can be used causes the scan to take longer. <br/><br/>- Start the scheduled scan only when computer is on but not in use by setting `ScanOnlyIfIdle` to `Not configured` (it's enabled by default). <br/>It requires the machine to be idle, meaning the cpu usage overall of the device has to be lower than 80%. <br/><br/>**Daily quick scan settings**<br/><br/>- Specify the interval to run quick scans per day: Not configured (How many hours have elapsed, before the next quick scan runs - 0 to 24 hours)<br/><br/>- Specify the time for a daily quick scan (Run daily quick scan at): 12 PM. <br/><br/>**Run a weekly scheduled scan (quick or full) settings** <br/><br/>- Specify the scan type to use for a scheduled scan (Set `Scan type` to `Not configured`). <br/><br/>- Specify the time of day to run a scheduled scan (Set `Day of week to run scheduled scan` to `Not configured`). <br/><br/>- Specify the day of the week to run a scheduled scan (Set `Time of day to run a scheduled scan` to `Not configured`). |
+|Scheduled scanning |Check your default scheduled scan settings<br/><br/>**General scheduled scan settings**.<br/><br/>- Configure low CPU priority for scheduled scans (Use low CPU priority for scheduled scans). <br/>The thread priority in Windows for normal scans has two values: `8` (lower) and `9` (higher). By setting this to `enabled`, you are lowering the scheduled scan thread priority from `9` to `8`, which enables other application threads to run with a higher priority, thus getting more cpu time than Microsoft Defender Antivirus. <br/><br/>- Specify the maximum percentage of CPU utilization during a scan (CPU usage limit per scan). `50` is the default setting; you can lower it to `20` or `30`. <br/>Note that if you have a change control window, by modifying the amount of cpu that can be used causes the scan to take longer. <br/><br/>- Start the scheduled scan only when computer is on but not in use by setting `ScanOnlyIfIdle` to `Not configured` (it's enabled by default). <br/>It requires the machine to be idle, meaning the cpu usage overall of the device has to be lower than 80%. <br/><br/>**Daily quick scan settings**<br/><br/>- Set `Specify the interval to run quick scans per day` to `Not configured` (How many hours have elapsed, before the next quick scan runs - 0 to 24 hours)<br/><br/>- Set `Specify the time for a daily quick scan (Run daily quick scan at)` to `12 PM`. <br/><br/>**Run a weekly scheduled scan (quick or full) settings** <br/><br/>- Specify the scan type to use for a scheduled scan (Set `Scan type` to `Not configured`). <br/><br/>- Specify the time of day to run a scheduled scan (Set `Day of week to run scheduled scan` to `Not configured`). <br/><br/>- Specify the day of the week to run a scheduled scan (Set `Time of day to run a scheduled scan` to `Not configured`). |
 |Scan after a security intelligence update.|By default, Microsoft Defender Antivirus scans after a security intelligence update for optimal protection purposes. Note that if you have scheduled scans enabled, you might think that there are scans that are run outside of the schedule. This is where you, and your leadership team will have to make a decision, of having more security or less cpu utilization. <br/><br/>As a workaround, in Group Policy (or another management tool, such as MDM), go to **Computer Configuration** > **Administrative Templates** > **Microsoft Defender Antivirus** > **Security Intelligence Updates**, and set **Turn on scan after security intelligence update** to `Disabled`. |
 |Conflicts with other security software | If you have non-Microsoft security software, such as antivirus, edr, dlp, endpoint privilege management, vpn, and so on, add the that software to the Microsoft Defender Antivirus exclusions (path + processes) and vice-versa.<br/><br/> The list of the Microsoft Defender Antivirus binaries are listed in the .xlsx here: [Configure your network environment to ensure connectivity with Defender for Endpoint service](/defender-endpoint/configure-environment)|
 |Scanning a large number of files or folders | If you have a big file such as an .iso, .vhdx, and so on sitting in your user profile (desktop, downloads, documents, and so on) and that profile is being redirected to network shares, such as Offline Files (CSC) or OneDrive (or similar products), scans can take longer to run. This is because you're scanning a network, where there is additional latency compared to files stored locally on a device.<br/><br/>If you don't need the .iso/.vhd/.vhdx, etc… sitting on your profile, move it to a different folder where it's not sitting on a network share (mapped drive, unc share, smb share). |