Reminds me of a joke –
Q: Why don’t cannibals eat clowns?
A: They taste funny.
Of course, this entry is not about cannibals, clowns or peculiar appetites – it’s about what to do when you find a suspicious file on a machine, especially if that machine has been acting strangely and you think something untoward might be afoot. Locally installed antivirus not giving you any hints? Well, if you have isolated a suspicious file or two, here is what to do: visit http://www.virustotal.com, upload your funky files and let their service scan them with 40 some-odd AV engines. This will give you two things:
1) usually an answer as to what that file may be
2) the creeps, because you will soon realize just how poor AV detection rates are!
While VirusTotal is not going to clean anything up for you, it will let you know whether or not you need to pull your wonky host off the network and start cleaning or, as is considered best practice these days, re-imaging.
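The same check done from a script, as an added example that is not part of the original post: it hashes the file locally, asks VirusTotal's public API v3 for an existing report by hash (a step beyond the upload described above), and reduces the report to a detection ratio. The API key argument, the engine names and the sample report are constructed placeholders.

```python
import hashlib
import json
import urllib.error
import urllib.request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # API v3 file report by hash

def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large samples are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def fetch_report(sha256, api_key):
    """Return the report for a known hash, or None if VirusTotal has never seen it."""
    req = urllib.request.Request(VT_FILE_URL.format(sha256), headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as e:
        if e.code == 404:  # hash not in the VirusTotal corpus
            return None
        raise

def summarize(report):
    """Reduce a report to (engines that flagged, engines that gave a verdict, labels)."""
    attrs = report["data"]["attributes"]
    stats = attrs["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    # Timeouts and unsupported file types are not verdicts, so leave them out.
    judged = flagged + stats.get("undetected", 0) + stats.get("harmless", 0)
    labels = sorted({r["result"] for r in attrs.get("last_analysis_results", {}).values()
                     if r.get("category") in ("malicious", "suspicious") and r.get("result")})
    return flagged, judged, labels

# Constructed sample report (not real scan data), trimmed to the fields used above.
SAMPLE_REPORT = {"data": {"attributes": {
    "last_analysis_stats": {"malicious": 5, "suspicious": 1, "undetected": 34,
                            "harmless": 0, "timeout": 2, "type-unsupported": 3},
    "last_analysis_results": {
        "EngineA": {"category": "malicious", "result": "Trojan.Generic"},
        "EngineB": {"category": "malicious", "result": "Trojan.Generic"},
        "EngineC": {"category": "suspicious", "result": "Heur.Suspicious"},
        "EngineD": {"category": "undetected", "result": None},
    }}}}

if __name__ == "__main__":
    flagged, judged, labels = summarize(SAMPLE_REPORT)
    print(f"{flagged}/{judged} engines flagged the file: {', '.join(labels)}")
```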