Common scenario:
End user disregards my advice (and company policy)and manages to download some malware.
OS is W2K;
Symptoms: after restart, machine is pretty much dead in the water — desktop is pretty much non-responsive to KB&M. Even task manager won’t work. Logging off and then on again cures the problem (explorer.exe has to be manually ended), so I’m assuming that the malware is loaded only at boot time.
Downloaded F-secure’s Blacklight and it found (and renamed):
cswsw.exe
dmgxg.exe
Take a cookie out of the jar, F-secure!
Did a Google on both and received 0 hits on both (which I find startling).
Reboot and all seems okay, for now. Can’t wait for the next one!
