Joanna Rutkowska is the name I've seen associated with this attack,
which is frequently called Blue Pill, from the Matrix. She has
demonstrated a running version on Vista x64 and is presenting at Black
Hat today. According to reports, she was able to install the rootkit on
a running system, no reboot required.

http://www.eweek.com/article2/0,1895,1983037,00.asp is a news article on

The key point is that you're both right. You are safer if you use a
virtual machine to run Windows. However, if your base system gets
infected, virtualizability assures that there is no mechanism by which
the OS can detect the attack.