Deliberate virus infection 9

[KimberTech]

What would you do if a fellow "professional" (cough choke)
deliberately infected your network with a virus to prove a point? (Sent through file transfer.)
If the virus of choice was executed on the PC due to trust of the person sending it to you, and it was an email virus that destroyed your credibility with your clients, sending them the virus?

This actually happened, and I am curious to know how members would handle this....any action they would take or not, or just put it down to a "got me" and forget it....learn from it.

I am eagerly awaiting points of view.

Kimber Members of Tek-Tips provide answers to questions based on the information given. For the best answers, post detailed descriptions of the issue. Use the search features of the site to see if your issue was already addressed in another thread.

 

[garwain]

Sneaking in a relativly new virus that hasn't made the updates is nothing but a low blow. I would have done anything in my power to make him pay (legally). If he wanted to prove your security was not up to par, he should have used the EICAR test virus.

EICAR is a short string that you can place in a text file, and it should set off any antivirus software you have protecting your system. For anyone who is interested, the "Virus" code is.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

 

[manarth]

garwain - outstanding comment.... you should post as a FAQ / Helpful Tip to "General Virus Discussion".... that test string will be sooo useful to me & my network

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[ANFPS26]

garwain , I had to change McAfee to &quot;Scan All Files&quot; before it would detect the test file. Good test, though.

Jim

 

[Stevehewitt]

You can download the EICAR test file from

http://www.eicar.com

site. Its free can it comes in three flavours.

Just a standard file
Zipped up
Double zipped ( Zipped the file up, then ziped the ziped one...!)

Its worth ago. If you've got Exchange with some AntiVirus extention installed I recommend you try it to see how strong it is. Should pick it up.

Steve Hewitt
Systems Manager

 

[GreenTeeth]

Cajun you have so hit the nail on the head, have another star.

I was thrown into IT by accident, and my biggest nightmare has been Viruses. For the amount of time I have put into learning certain areas of IT out of need, I have put more time into viruses, and got the least back in knowledge and gratitude.

Dealing with viruses is monkey work, in that you will fight lke hell to get rid, only to have your manager say &quot;well why were they there in the first place&quot;, so for someone to actively send one simply to prove a point is most certainly below the belt.

Now I tend toward anarchism, and anticapitalism and will happily go on the marches, I like to ride a bicycle and run red lights, but I'm affraid that anyone who thinks that sending a virus is a count of anarchism should have their brains checked. There really is no need to do this for any reason, no matter how disgruntled at previous employer/the system/big business. All that is being done, is a lot of heartache for the person who has to clean up the mess, and annoyance for those who may have lost vital work.

I hope I have not gone off the point here, but it's a bit like punching a blind man and then standing back to watch him flail his arms. It's just not cricket old bean.

And Finally, Garwain (er, have another star, hope you have a big sky to pin them on) any chance of a FAQ on this one on how this can be used to it's fullest??