In one of the links posted yesterday, it mentioned that a user-mode infection can get installed via the HKCU part of the registry so that some malware may start up when the same user logs in, and it can then write to all other processes run by that user (including Windows Explorer). This sounds serious, but it should be easier for anti-virus software to find - I suppose this is because it can only(?) start up by an entry in HKCU - and in that case, wouldn't a simple System Restore (to a date before the infection) be a reliable way to disable any user-mode infection?
So if malware is designed to steal information while being sandboxed, it will be able to do so.
Right. So if using Chrome, it may be possible to get a malware infection that can read data and keystrokes from your PC; but when you close Chrome the malware will disappear permanently until the next time you visit a web site that causes another new infection?
If so, then I'm assuming that before using (say) online banking you should close all instances of Chrome, then open a new instance just for doing online banking?