Security researchers at Microsoft warned against the possible use of rootkits by spyware manufacturers, in a Computerworld article. This tactic would make spyware nearly impossible to detect and remove. Often used by hackers, rootkits need to be installed on a computer, after which they can be used to gain control at an administrator level. The only way to be really sure you've removed a rootkit is to wipe and format the hard drive. But there have been no reported instances of spyware manufacturers using rootkits. The Microsoft researchers are, as many academically inclined researchers do, hypothesizing on what could happen. Considering the nastiness of some spyware installations I've seen, and how rootkits have become more user-friendly, I wouldn't be surprised if this theory becomes reality.