Yes, it looks like. How long ago has that happened?
Was the Alt-F webUI exposed to the internet? It was not designed with that purpose in mind and it is prone to CGI injection attacks; such an attack has already been reported in this forum.
Can you ssh or telnet the box? remove the box from the internet, save all logs for further examination, including the output of the 'ps' command.
In principle a reboot will remove the infection, but it will also prevent further diagnosing. If you have no expertise on doing that, rebooting is probably the only thing you can do.
After the reboot you should examine the 'ps' command output again, to see if only expected processes are running.
Do you have Alt-F packages installed? Was lighttpd/PHP running?
The only way for most infections to survive a reboot will be to install themselves on disk, overriding Alt-F programs, so you might want to examine the /Alt-F/bin /Alt-F/sbin /Alt-F/usr/bin and /Alt-F/usr/sbin directories for unusual files. You can get a listing executing 'ls -lR /Alt-F/' and saving its output.
Removing all Alt-F installed packages can be the most wise to do if you don't know what to do next.