Compromised machine?

[goatjc]

I visited a customer today that had this program installed on their machine. Now, I dont have the slightest idea what it is / does, but, from what I've researched, I dont think this person even knows what python is. I've seen this in the past, where python would be installed on random a$$ed machines (like girls' machines where they just wanted "aol", aka, AIM installed on their machines).

What I would like to know is, does python being installed indicate a machine being compromised when you know the customer has no business even touching that sort of program? Is it tagged along somewhere on the internet as spyware?

As far as I can tell, it some programming / compiler. . .(wow, it's been awhile, cout >> "hello world."; )

Thanks in advance.

 

[mundane]

Python is about as much mal-ware as the JRE, .NET Framework X.0, etc.

 

[Alone]

If it's the python development package, then it's likely that he accidentally unpacked it himself.

 

[goatjc]

How does someone go about unpacking something they have no clue what it does? I mean, this lady's machine today was just a run of the mill machine. . .nothing special installed. . .the usual, msoffice, ff, etc. I guess I just find it hard to believe she went out of her way to unpack this if she hadnt installed anything on there since it's first image.

 

[xtknight]

Define "Python". The libraries/runtime or the development files? She could have just accidentally downloaded the dev rather than the binaries or something.

That wouldn't really be my first thought if I saw Python on someone's PC. I'd just think someone else put it there, not that it was the payload of a virus. Why do you think it is Python that is indicative of malware? As far as I know, Python is not a normal indication of an infection if you were wondering. Most viruses are packed with executable packers to be as small as possible as a goal and as a result I doubt any use Python. A python script is run by calling the interpreter and specifying the py file. As far as I know that's the only way, and a py file can't really be compressed (there are no binary resources within it like an EXE file, it's just script).