This is a Microsoft information page about rootkits.
http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx
Note in particular this paragraph:
"Is there a sure-fire way to know of a rootkit's presence?
In general, not from within a running system. A kernel-mode rootkit can control any aspect of a system's behavior so information returned by any API, including the raw reads of Registry hive and file system data performed by RootkitRevealer, can be compromised. While comparing an on-line scan of a system and an off-line scan from a secure environment such as a boot into a CD-based operating system installation is more reliable, rootkits can target such tools to evade detection by even them.
The bottom line is that there will never be a universal rootkit scanner, but the most powerful scanners will be on-line/off-line comparison scanners that integrate with antivirus."
CAPS defeats rootkit attacks by using a SEPARATE, SECURE and COST-EFFECTIVE authentication channel - the phone service - to allow or block pending transactions at the consumer's discretion.