Chris's community posts

Microsoft 365 Defender alert on rut-7.1.7.0.zip - ZkarletFlash malware

Microsoft 365 Defender alert on rut-7.1.7.0.zip - ZkarletFlash malware

Chris, User (Posts: 5)

Oct 19, 2022 3:53:57 pm EDT

Support level: Free or trial
I've checked the SHA and the download appears authentic. How should I proceed?

Restart Agent as Administrator - what does it look like when it works?

Chris, User (Posts: 5)

Oct 19, 2022 8:27:50 am EDT

Support level: Free or trial
Hi Pauline! Thanks for your efforts to troubleshoot this issue with me. However, before we begin looking at the details of my particular issue, may I draw your attention to the main requests above. I want to be able to self-support, and a little documentation would go a long way.
  • Would it be possible to get a doc page that shows exactly what it looks like (on both sides) when the restart Agent feature is used?
  • Does either side generate logs that I can refer to in troubleshooting? Is there a logging switch?

Having said that...

1. Do you select anything for the Domain option in the "Restart Agent as..." window?

Excellent question! This is an area of confusion for me. We are using Microsoft 365 and Azure AD, so it's not clear whether the correct way to enter the information is 
domain: mycompany user: chris
or if it should be 
domain: azuread user: chris@mycompany
or else 
domain: mycompany.microsoftonline.com user: chris
. Have you tested this with cloud only (non-Hybrid) M365 environments?

2. Does anything happen on the physical remote machine when you restart Agent via the feature? For example, does your colleague see a UAC prompt?

Colleague reports seeing nothing.

3. Are you able to log in on the remote machine itself using your Windows user credentials that you use for the "Restart Agent as..." window?

By rights, yes. I'm using my admin account, which can log into every machine in our tenant. But I don't have physical access to test this personally.

Thanks again for your help!
Edited:Chris - Oct 19, 2022 8:28:12 am EDT

Restart Agent as Administrator - what does it look like when it works?

Chris, User (Posts: 5)

Oct 12, 2022 10:12:04 am EDT

Support level: Free or trial
Just to be clear about what I'm seeing:
  • The colleague running Agent is not an admin.
  • I select the restart option and enter my credentials.
  • As far as I can see, nothing happens.

Restart Agent as Administrator - what does it look like when it works?

Best Jump, User (Posts: 5)

Oct 12, 2022 10:08:47 am EDT

Support level: Free or trial
I'm unable to get "Restart Agent as Administrator" to work. Unfortunately, there's no feedback on the Viewer side to tell me what's going on. Are there any logs I can look at to troubleshoot? What does it look like from the Viewer side when it works correctly?

This website uses cookies to improve user experience. By using this website you agree to our Terms of Service and Privacy Policy.