Rootkits are used by intruders to hide and secure their presence on your system. An intruder achieves complete cloaking capability by relying on an administrator to trust the output of various system programs. This assumption is more or less true — most of the time system administrators trust ps to display all processes and ls to list all files.
To check for such rootkits you can use
chkrootkit from chkrootkit.org