AmitBadgujar-7293 asked ·

Microsoft Defender: eicar file.test file not detected in Ubuntu > Not detecting virus

Hi Team,

I have installed Microsoft Defender on Ubuntu OS. I downloaded many eicar file.test files onto Ubuntu OS and scanned the full system using the command mdatp scan full. The system scans the directory but does not detect the eicar virus file.

However, ClamAV on Ubuntu detects the eicar file.

Note: mdatp is successfully installed on Ubuntu OS, so why am I still not able to detect the eicar test file virus?

Your help is really appreciated.

Please respond to me ASAP.

Best Regards
Amit Badgujar

windows-10-security

@AmitBadgujar-7293
Thank you for the quick response!

When it comes to Microsoft Defender for Endpoint, I'd recommend reaching out to our experts within our Microsoft Defender for Endpoint Tech Community.

Thank you for your time and patience throughout this issue.

Reza-Ameri answered ·

Try attaching these files and reporting them to the Microsoft Anti-Malware teams, and make sure to specify that you are testing them on Ubuntu, along with the version of Ubuntu and MD ATP and other valuable information.
You may submit these files to:
https://www.microsoft.com/en-us/wdsi/filesubmission

CarlFan-MSFT answered ·

Hi,
Please check the troubleshooting steps below:
Troubleshoot installation issues for Microsoft Defender for Endpoint for Linux
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-support-install
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl


Followed the same steps, but the eicar test file is still not getting detected by mdatp scan within Ubuntu 20.0 OS.


Is an mdatp license required to detect the eicar file? Does any configuration need to be done before mdatp scan?

Whenever I run "mdatp scan full"

I get the attention message below - "No license found"
and the directory scan completes successfully, but the threat is not detected.

Please assist me with how I should detect the threat on an Ubuntu 20.0 system using "mdatp scan full".

CarlFan-MSFT AmitBadgujar-7293 ·

Hi Amit,
Thank you for your update. Based on my search, the license is most of the time bound to the org_id. Similarly, in your case you may see that org_id is unavailable and hence license value is . I firmly believe a license is required. Meanwhile, for a Windows Defender product issue, to help you better, as James provided, I suggest that you post it to the Microsoft Defender for Endpoint Tech Community. They will be more professional on Windows Defender issues. Thank you for your understanding.

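A pre-check for the condition described in the last reply (org_id unavailable, so no license), added here as an example and not code from anyone in the thread. It parses `mdatp health` text; the sample outputs, their "key : value" layout, and the function names health_field and check_onboarding are constructed assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check to run before an EICAR test with "mdatp scan full".
# Reads `mdatp health` text and reports whether the agent has an org_id and a license.

# Constructed samples. The "key : value" layout and the literal values are
# assumptions modelled on the thread, not captured output.
SAMPLE_NOT_ONBOARDED='healthy                       : false
licensed                      : false
org_id                        : unavailable'
SAMPLE_ONBOARDED='healthy                       : true
licensed                      : true
org_id                        : "00000000-0000-0000-0000-000000000000"'

# health_field NAME: read health text on stdin, print NAME's value without
# surrounding spaces or quotes (prints nothing if the field is absent).
health_field() {
    awk -v key="$1" '
        { k = $0; sub(/:.*/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", k) }
        k == key {
            v = substr($0, index($0, ":") + 1)
            gsub(/^[ \t"]+|[ \t"]+$/, "", v)
            print v
            exit
        }'
}

# check_onboarding TEXT: return 0 only when org_id is set and licensed is true.
check_onboarding() {
    org=$(printf '%s\n' "$1" | health_field org_id)
    lic=$(printf '%s\n' "$1" | health_field licensed)
    rc=0
    case "$org" in
        ''|unavailable) echo "org_id not set: device is not onboarded"; rc=1 ;;
    esac
    if [ "$lic" != "true" ]; then
        echo "licensed=${lic:-missing}: no license is bound to this device"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "onboarded (org_id=$org), licensed"
    return "$rc"
}

# On a host with the agent installed, check the live state.
if command -v mdatp >/dev/null 2>&1; then
    check_onboarding "$(mdatp health)" || true
fi
```

If the check fails on a live host, a clean "mdatp scan full" over EICAR files says nothing about detection quality; onboard the device first, then repeat the test.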