is it even malware? What would it be doing?
The real risk does not come from pop-up ads, a changed browser or porn links on a desktop. Nor does it come from formatting harddisks or constantly rebooting. The dangerous thing would be rootkits that hide, remain unseen, log your keystrokes, log your internet traffic etc. and send them to a business rival. They could be buried deep in network traffic, for instance in DNS requests. In contrast to the usual "open some ad windows on the users screen" malware, in this case remaining unseen is crucial.
"Laugh while you can, monkey-boy." -- Dr. Emilio Lizardo