Unhide is a program that will detect hidden processes on your system. It is a good complement to rkhunter (a rootkit scanner for Linux and Unix). Rkhunter will make use of unhide if you have unhide installed on your system. Here is a little tutorial on how to do it (I assume you have rkhunter already installed and configured, and are familiar with its use.):
1. Download unhide and unpack in a temporary directory.
2. If you are using Linux with a 2.6 kernel, create the executable by running the command:
gcc -Wall -o unhide unhide-linux26.c
3. If you are running any other kernel, run this command:
gcc -Wall -o unhide unhide.c
4. Copy the executable to a place where rkhunter can find it:
cp unhide /usr/local/bin/
5. Rerun rkhunter --propupd (so that unhide will not throw a warning in rkhunter!)
6. That's it! The next time you run rkhunter, it will discover and make use of unhide.