The following Web sites and books are sources of more information on rootkits:
Understanding
Malware: Viruses, Spyware and Rootkits
Mark's Microsoft TechEd 2005 webinar covers viruses, spyware, and rootkits.
Unearthing
Rootkits
Mark's June Windows IT Pro Magazine article provides an overview of rootkit
technologies and how RootkitRevealer works (subscription required).
www.rootkit.com
This site contains sample code for a number of user-mode and kernel-mode
rootkits as well as ongoing discussions on how to develop rootkits.
www.phrack.org
This site stores the archive of Phrack, a cracker-oriented magazine where
developers discuss flaws in security-related products, rootkit techniques,
and other malware tricks.
research.microsoft.com/rootkit/
This is the Microsoft Research rootkit home page where Microsoft publishes
papers and information on its efforts to combat rootkits.
The Art of Computer Virus Research and Defense, by Peter Szor
Malware: Fighting Malicious Code, by Ed Skoudis and Lenny Zeltser