A couple of weeks ago, while flying to and from Microsoft in Redmond, I read most of this book (still finishing it between bits of spare time on my current projects): Rootkits: Subverting the Windows Kernel by Greg Hoglund and Jamie Butler. Ted Neward has a very good review of the book I suggest you read, and I agree with his evaluation as well -- this really helped me dig into some untouched areas for me, such as how to build device drivers and many of the techniques used by rootkits to avoid detection and remain after reboot. This is a great security book, and highly recommended.