Some time ago Skape and Skywing have published a Catalogue of Windows Kernel-mode Backdoor Techniques.
On 28 pages their whitepaper describes several means to get your code covertly executed in the kernel of Microsoft Windows. The document also provides good hints on how to detect these manipulations. Everyone who conducts forensic examinations on Windows memory dumps should be aware of these techniques.
