Just hit enter
So, the other day an email popped up from our endpoint protection server:
"Malware detected on one of the workstations in your environment...
bla, bla bla,
Malware Name: win32/TesCrypt
Computername: bla bla bla
Action: Quarantine; succeeded"
Quarantined. Okay we're good... Wait a sec. Tescrypt?!? Security guy next to me almost has a stroke, calls the user and tells them to pull the power cord. "I know you're not supposed to. Please, do it now!"
Apparently the user had tried to click 'No' on the UAC prompt several times and finally put in a ticket cause it wouldn't go away. Helldesk promptly called back and advised to just click 'Yes'.
"... clickety. My credentials don't work."
"Let me try, it's probably just windows updates."