Afternoon all, I'm hoping someone might be able to help with this. We're running a fully up-to-date Plesk box (8.3.0), but I believe, somehow, it may have been compromised. I decided to run a rootkitch randomly, and have the following output: So obviously, this would appear the server has been compromised. However, I'm confused how this could happen on a server that has always been kept fully up-to-date (as in Updater is frequently run). Can anyone suggest a few ways I can attempt to discover how this has happened? I'm not a linux expert, hence it running Plesk, but I do know most of the basics on command line. Any help would be really appreicated.