Learn Editor: Update validate-antimalware.md

Author: joshgingras

defender-endpoint/validate-antimalware.md

@@ -50,38 +50,38 @@ Run an AV detection test to verify that the device is properly onboarded and rep
 1. Prepare for the EICAR test file:
 
    1. Use an EICAR test file instead of real malware to avoid causing damage. Microsoft Defender Antivirus treats EICAR test files as malware.
-
+      
 1. Create the EICAR test file:
 
    1. Copy the following string: `X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*`
-
+   
       1. Paste the string into a .TXT file and save it as EICAR.txt
-
+            
 ### Linux/macOS
 
-1. Ensure that real-time protection is enabled (denoted by a result of "true" from running the following command):
+1. Ensure that real-time protection is enabled. Run the following command and confirm the output is `"true"`:
 
-    ```bash
+    ```
     mdatp health --field real_time_protection_enabled
     ```
 
-2. Open a Terminal window. Copy and execute the following command:
-
-
-Linux
+2. Download the EICAR test file. Open a Terminal window and execute the appropriate command for your operating system:
 
-```bash
-```bash
-curl -o eicar.com.txt https://secure.eicar.org/eicar.com.txt
-```
-```macOS
+   Linux:
+   
+    ```
+    curl -o eicar.com.txt https://secure.eicar.org/eicar.com.txt
+    ```
+   
+   macOS:
+   
+    ```
+    curl -o ~/Downloads/eicar.com.txt https://secure.eicar.org/eicar.com.txt
+    ```
 
-```
-```bash
-curl -o ~/Downloads/eicar.com.txt https://secure.eicar.org/eicar.com.txt
-```
-```3. Execute the following command and verify the file has been quarantined by Defender for Endpoint. The command will list all detected threats:
+3. Verify that the file has been quarantined by Defender for Endpoint.** Run the following command to list all detected threats:
 
-    ```bash
+    ```
     mdatp threat list
     ```
+