Originally Posted by
Synthaxx
Unless it's a service or running in a rootkit (surprisingly not uncommon methods with which to run them), in which case it's a matter of finding the odd service, or running the anti-rootkit tools out there.
And any communication being done by the program could be done via a driver, or obfuscated in such a way that it's assumed to be non-dangerous by most antivirus programs. There ARE ways of preventing detection, but there's always a way to detect them with the right tools, enough time, and enough knowledge.
There's so many ways to hide a program from normal detection, hence why it's good to run a deep-scan on the whole system from time to time.