Kernel Hooks
I've been doing some research on rootkits/botnets and why they are so difficult to detect. I've come across something called a kernel hook and want to know what it is. I read that programmers, in general, should not use them because there is normally a documented way to achieve the desired result; however, anti-virus companies need to use them for some of their services and there is not a way around them. There just don't seem to be a lot of straightforward explanations. All in all: What is a kernel hook? If you'd like to answer further (such as why they apply to rootkits), feel free.

Thanks,
-J-Rod