There is a new kind of a rootkit, mebroot, that can infect your computer just through visiting a website and not even accepting/loading anything from it. The rootkit hides in the first boot sector and is invisible to any antiviruses which load through harddrive. It can only be detected through boot cd or other boot media which doesn't use the infected boot sector.
http://news.yahoo.com/s/pcworld/20080304/tc_pcworld/143105;_ylt=Am5y457TaIWrfeAFofIUrhUjtBAF
The important point about this threat is also listed almost at the bottom of the article:
"Hackers are now creating Web pages that, if visited with certain browsers with security vulnerabilities (Llama's emphasis), will automatically infect a PC with Mebroot-- a technique known as a drive-by download."Now here's the thing: most of these browser flaws are for pretty old versions: think IE6 pre-SP2 in the vast majority of cases. If you have Windows Update turned on, or are using an alternative browser like Firefox or Opera (which also have autoupdate features), you're pretty much covered.
If you're really concerned, I know Symantec's NAV2008 has drive-by download protection that works well even if you have an unpatched browser (in fact, it really only does anything useful when protecting an older browser, IMHO. I base this on interviewing Symantec engineers at their San Francisco offices last November, inside one of their labs with a few test machines running different things. I covered this earlier too.) McAfee has something similar, but I've not tested it.
And though I haven't said anything about it in this thread yet, Symantec's Norton AV 2008 is also quite good, both from a security standpoint and a lightweight footprint standpoint. Their "Norton Internet Security" is somewhat bloated and "Norton 360" is substantially overbloated, and I don't recommend them for gaming systems at all. I think NOD32 is better for most users, but for a customer who likes a familiar product from a big company (quick, has your Mom heard of Eset or NOD32? I bet she's heard of Norton Antivirus though), NAV2008 is worthy.
I know enough people have been burned by earlier versions of NAV or bloated Norton products that I understand why people would be wary, and might even question my experience by suggesting it. So be it. I was wary until repeating tests two or three times too.
-Llama
