I received this message this morning from root: Trojan Horse Detected. Hidden Pid detected! [pid xxxx] hidden from ps: [yes] hidden from kernel: [yes] binary location: [/usr/share/locale/pt/sk] I ran chkrootkit and it found the following: Checking `bindshell'... INFECTED (PORTS: xxx) Does anyone know what I can do about this? And how is it possible that someone got into my system? Any help or suggestions appreciated. Mav.