SlackinMonkeee, you should listen to djbanaan's and infamous41md's advice and act on it.
Anything pointing to existance of /dev/tux can be taken as "evidence" the Tuxkit rootkit is installed, which means you should use the three R's: reformat, repartition and reinstall.If the box is remote, ask the colo ppl to take care of it, if it's a local box do it yourself. ASAP.
If you salvage stuff, make sure you salvage only stuff you can verify against a trusted source, and do NOT backup binaries. Do not use backups to restore the box state unless you can verify backup integrity with onehundred percent surety.
Check out the
LQ FAQ: Security references, post #, under compromises.