Has this computer been compromised?

Tags: Botnet, Virus infection
One of my computers runs a strange set of files that I don't recognize when it boots:
bash.exe, curl.exe, uname.exe, sed.exe, rm.exe, tail.exe, cut.exe, awk.exe, cat.exe, chmod.exe, ls.exe, grep.exe

I know I haven't uploaded any programs related to these files, so should I be worried about these files? I do suspect that the computer is being used as a botnet based on these files. Can anyone verify if it is indeed compromised and how I can clean it if it is? Please note, this is a work computer and has not been used (to my knowledge) for anything unsafe.


Discuss This Question: 2  Replies

  • TomLiotta

    There is no way that we can tell from a forum if a system has been compromised. The listed executables are standard for many various systems, so there wouldn't be a surprise at seeing them run. That's especially true if they run without errors. If each of them is noted in an error event as 'not found', then it's definitely a peculiarity.

    The names are for Unix/Linux programs. Seeing them referenced on a basic Windows system, for example, would be cause for investigation. It doesn't necessarily mean "compromised" though.

    If you suspect a problem, then you should isolate the device and run standard scans for malware.

    Tom

  • Kevin Beaver
    Here are some free anti-virus options for Linux/UNIX that may be of value:

    http://free.avg.com/us-en/download.prd-alf
    http://www.comodo.com/home/internet-security/antivirus-for-linux.php
    http://www.clamav.net/lang/en/download/packages/packages-linux/
    http://www.eset.com/us/download/home/detail/family/5/?trl=el
    http://www.f-prot.com/products/home_use/linux/
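
As an added example (not part of either reply), here is one way to begin the investigation TomLiotta describes on a Windows machine. This PowerShell snippet lists every running process whose name matches the list in the question, with its on-disk path, command line, parent chain, Authenticode signature status and SHA-256 hash. The variable names and the parent-chain depth limit of 8 are choices made for this example.

```powershell
# Added triage example, not from the thread. It only reads process and file
# metadata. Run it from an elevated PowerShell session so paths are visible.

# Executable names copied from the question.
$names = 'bash.exe','curl.exe','uname.exe','sed.exe','rm.exe','tail.exe',
         'cut.exe','awk.exe','cat.exe','chmod.exe','ls.exe','grep.exe'

# Snapshot all processes once so parent lookups use the same point in time.
$procs = Get-CimInstance -ClassName Win32_Process
$byPid = @{}
foreach ($p in $procs) { $byPid[[int]$p.ProcessId] = $p }

$report = foreach ($p in ($procs | Where-Object { $names -contains $_.Name })) {
    # Walk up the parent chain (bounded) to see what launched the tool.
    $chain = @()
    $cur = $p
    for ($i = 0; $i -lt 8; $i++) {
        $parent = $byPid[[int]$cur.ParentProcessId]
        # Stop if the parent has exited, is the process itself, or is younger
        # than the child (which means the parent PID has been reused).
        if (-not $parent -or $parent.ProcessId -eq $cur.ProcessId -or
            $parent.CreationDate -gt $cur.CreationDate) { break }
        $chain += "$($parent.Name)($($parent.ProcessId))"
        $cur = $parent
    }

    $sig = $null; $hash = $null
    if ($p.ExecutablePath -and (Test-Path -LiteralPath $p.ExecutablePath)) {
        $sig  = Get-AuthenticodeSignature -FilePath $p.ExecutablePath
        $hash = (Get-FileHash -LiteralPath $p.ExecutablePath -Algorithm SHA256).Hash
    }

    [pscustomobject]@{
        Name        = $p.Name
        ProcessId   = $p.ProcessId
        Path        = $p.ExecutablePath
        CommandLine = $p.CommandLine
        Started     = $p.CreationDate
        ParentChain = $chain -join ' <- '
        SigStatus   = if ($sig) { $sig.Status } else { 'n/a' }
        Signer      = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        SHA256      = $hash
    }
}

$report | Sort-Object Started | Format-List
```

Processes that run only briefly at boot will already have exited when this snapshot is taken, so an empty result does not mean they never ran.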
