Posted 28 August 2009 - 06:46 PM
Many Viruses can pass through the internet and into your computer because the firewall is down, or because your antivirus is not functioning correctly. Some of the newest viruses and trojans can also remain undetected because the Antivirus systems have not yet been updated to detect and remove the infection. Also, many trojans and viruses are disguised as another, legitimate file so that users download the files themselves. (E.g. P2P)
As to what can help the virus remain undetected... rootkits and other self disguising techniques are often used to prevent Antivirus Systems and even the user from discovering the virus.
Hijackthis can tell you if your registry has been edited to allow a virus to start up on boot. Hijackthis also has many other functions that can tell what exactly has been changed, and provides an in-depth analysis of many areas that can signal an infection. Hijackthis is an extremely complicated tool that can cause severe damage to a computer if used incorrectly. It is best that Hijackthis only be used under supervision of a trained professional.
Viruses can attack almost any area of a computer. Yes, they can infect svchost and winsock.
I'm pretty sure that almost all antivirus solutions have a download scanner to attempt to prevent viruses... however most AV's, in my experience, usually don't detect it until you click on the file. I have used AVAST, AVG and Norton. I find that Norton won't detect anything. EVER.
New viruses and trojans are definitely a major reason as to why computers can become infected. Computers and programs that are not updated regularly are also extremely susceptible to viruses. P2P networks such as Limewire, torrents also infect computers extremely easily.
AV's are updated quite frequently as well. It is very important to keep up to date to deal with the latest viruses. I find that most AV's keep up to date quite nicely with the latest viruses, but viruses come up with stronger and stronger methods to nullify the AV. Rootkits, locked .exe's and denied permissions often prevent AV's from successfully removing a virus. One Virus Removal tool that works really well to remove many viruses is Malwarebytes Anti-Malware. I find that it often works better than many AV's.
Hope I could help you out,