While we're waiting for anti-rootkit capability, let me show you all how to find rootkits.
First, the idea of rootkits is (in the malware world) to hide the malware by using Windows' own APIs. So, you will never see the Rtk's in Windows.
BUT, you can see them in (pure) DOS.
At this stage, you should understand that rootkit detection and removal software works by taking a snapshot of a (presumed) clean install, then comparing that against the current situation. If they are different, you probably have an infection...
BUT... you can do this yourself!
I dunno how XP and Vista go for access to pure DOS, but on 95, 98 and ME you can run a DOS-box at C:\ with the commands "dir c:\windows >windir.txt" and "dir c:\windows\system >sysdir.txt". Now reboot into pure DOS (I like to use my rescue floppy), cd to C:\ and run the same commands (but use different names for the text files).
NOW, all you need is to check the last few lines of each file: if the reported byte-count is different, you have a problem! OK, I get carried away and import them into my 123 spreadsheet and blah blah...
Hope this helps.
Gordon.
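
The comparison described in the post above, automated as an added example (not part of the original post): it parses two saved `dir` listings, one taken inside Windows and one from pure DOS, and reports entries that only one view shows. The listings and the file name `MSDRV32.SYS` are constructed sample data, and the regex assumes the 8.3 column layout of Windows 9x `dir` output.

```python
import re

# NAME [EXT] SIZE-or-<DIR> MM-DD-YY ...  (assumed Win9x/DOS 8.3 column layout)
ENTRY = re.compile(r"^(\S{1,8})(?:\s+(\S{1,3}))?\s+(<DIR>|[\d,]+)\s+\d\d-\d\d-\d\d\s")
# Summary line: "   N file(s)   N,NNN bytes"
TOTAL = re.compile(r"^\s*[\d,]+ file\(s\)\s+([\d,]+) bytes")

def parse_dir(text):
    """Return ({NAME.EXT: size, or None for directories}, reported byte total)."""
    entries, total = {}, None
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m and m.group(1) not in (".", ".."):
            name = m.group(1) + ("." + m.group(2) if m.group(2) else "")
            size = None if m.group(3) == "<DIR>" else int(m.group(3).replace(",", ""))
            entries[name.upper()] = size
        elif (t := TOTAL.match(line)):
            total = int(t.group(1).replace(",", ""))
    return entries, total

def cross_view(windows_listing, dos_listing):
    """Diff the in-Windows view against the pure-DOS view of one directory."""
    win, win_total = parse_dir(windows_listing)
    dos, dos_total = parse_dir(dos_listing)
    return {
        "only_in_dos": sorted(set(dos) - set(win)),      # hidden from Windows
        "only_in_windows": sorted(set(win) - set(dos)),
        "size_differs": sorted(n for n in set(win) & set(dos) if win[n] != dos[n]),
        "totals_match": win_total == dos_total,          # the byte-count check
    }

# Constructed sample listings (not real captures).
WINDOWS_VIEW = r"""
 Directory of C:\WINDOWS\SYSTEM

.              <DIR>        03-14-01  9:12a .
..             <DIR>        03-14-01  9:12a ..
KERNEL32 DLL       471,040  04-23-99 10:22p KERNEL32.DLL
USER32   DLL        45,056  04-23-99 10:22p USER32.DLL
         2 file(s)        516,096 bytes
"""
DOS_VIEW = WINDOWS_VIEW.replace(
    "         2 file(s)        516,096 bytes",
    "MSDRV32  SYS        18,432  06-02-07  3:41a\n"
    "         3 file(s)        534,528 bytes")

if __name__ == "__main__":
    for key, value in cross_view(WINDOWS_VIEW, DOS_VIEW).items():
        print(f"{key}: {value}")
```

Files that Windows legitimately creates or rewrites between the two listings (swap file, logs, temp files) will also show up as differences, so each reported name still needs to be checked by hand.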