Malware writers are getting more and more devious, to prevent you from detecting and/or removing them. You all know about rootkits, that are designed to hide traces of themselves. One of the most recent threats, named Trojan:Win32/Popureb.E, is a bootkit, which not only tries to evade detection but also prevents its code from being changed, to make it harder to clean it off the system. It does this with a driver component. You can find out more of the technical details of how it works here:
http://blogs.technet.com/b/mmpc/archive/2011/06/22/don-t-write-it-read-it-instead.aspx