Hello everyone.
3 days ago I installed an ssh server and the next day my router breaked and a strange file called world.jpg is in my folder. I tried to open it and it says it is not a valid JPG file.
So I deleted it, installed firestarter and blocked SSH on port 22 and bought a new router.
Today the file is back and I can't seem to notice any strange process.
I wonder if I was hacked and the person logged in to my router and ruined the firmware.
What do you think? Any advices?

Update:
I checked the bash history and the only reference I found is the command I run to delete it. I used grep to find it.
I was hopping to get some wget command ot something like that but it seems that the file is generated by a program.

Try this command in the terminal:

file world.jpg
It will try to determine the real file-type depending on the contents, not on the name extension.

Even if the file was wget-etted (wgot?) by a shell script it wont appear in your bash history. Only commands you typed are stored there. (I think)

you may want to touch a file by the same name, and deny all parties access to it. that way if it is created by a process, you will hopefully recieve an error log entry indicating what proc it is.

you can also look into dnotify, which will run a command when a directory;s contents change.

I use to have a world.jpg that fetched wallpaper. Check Start up Applications for the script.

Ok thanks for you advice. I think the file is created on shutdown. I will check again the next day.