Target #2

Target #2 turned out to be a virus, carrying around a package of inert code, probably generated by a scripter, a new one at that. The virus itself, on the other hand, seemed pretty sophisticated. Hiding out on the network layer, mostly listening over high-level switches, the virus seemed to be searching for something specific, a destination of IP ranges, or something else in the encapsulating encryption, and then would tag along for the ride, but once it got to wherever it wanted to go, had nothing of consequence to deliver. The two didn’t fit together. Either someone purchased the virus, and likely spent a lot of money which would indicate a bored rich kid who didn’t know what he was doing, or the person who released the virus wasn’t concerned with the outcome, just prototyping a delivery system. Maybe #2 wasn’t so benign after all. Maybe #2 was a test, with the real package to be delivered later, after the intrusion was verified. The choice, then, wasn’t mine to make to terminate the target. I reported the situation and tagged the virus to make it easier to find if the word came back to finish the job.
