This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 23%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAB%3C/text%3E%3C/svg%3E)
Hi Team,
I have installed Microsoft defender in Ubuntu OS, I download many eicar file.test into Ubuntu OS and scanning the full system by using command mdatp scan full, the system scanning the directory but not detecting the eicar virus file.
However ClamAV on Ubuntu detects eicar file.
Note : mdatp successfully installed on ubuntu os, but still why I'm not able to detect the eicar test file virus.
Your help really appreciated.
Please respond me ASAP.
Best Regards
Amit Badgujar
@Amit Badgujar
Thank you for the quick response!
When it comes to Microsoft Defender for Endpoint, I'd recommend reaching out to our experts within our Microsoft Defender for Endpoint Tech Community.
Thank you for your time and patience throughout this issue.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 57.99999999999999%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECF%3C/text%3E%3C/svg%3E)
Hi,
Please check the troubleshooting steps below:
Troubleshoot installation issues for Microsoft Defender for Endpoint for Linux
https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-support-install
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl
Followed the same steps, but still eicar test file not getting detected on mdatp scan within ubuntu 20.0 os.
Is mdatp license required to detect the eicar file, is any configuration needs to be done before mdatp scan ?
Whenever I will do "mdatp scan full"
I'm getting below attention - "No license found"
and directory scan successfully but threat not detecting
Please assist me how should I detect threat in ubuntu 20.0 system using "mdatp scan full".
Hi Amit,
Thank you for your update. Based on my search, License is most of time is binded by org_id. Similarly in your case you may see that org_id is unavailable and hence license value is . I firmly believe license is required. Meanwhile, for Windows Defender product issue, to help you better, as James provided, I suggest that you could post it to Microsoft Defender for Endpoint Tech Community. They will be more professional on Windows Defender issue. Thank you for your understanding.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 81%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
Try attach these files and report them to Microsoft Anti-Malware teams and make sure specify you are testing them on Ubuntu and also the version of Ubuntu and MD ATP and other valuable information.
You may submit these files to:
https://www.microsoft.com/en-us/wdsi/filesubmission
