My antivirus programs failed me

[Interleave]

I was using my computer this morning (surfing the net) when all of a sudden the nginx virus takes over my ability to connect to the internet. I've never actually run across this particular little *censored* before but I've heard of it and knew that it was bad news.

I've run Microsoft Security Essentials, Malwarebytes and Ad Aware for years and have been completely problem free. All of a sudden - BAM! Internet on, no ability to actually do anything with it!

Now this particular pain in the *censored* has been around for a long time so I don't see how all three of these excellent programs missed it - I mean, you know, MSE and Ad Aware run real-time and I update and use Malwarebytes regularly so I'm completely at a loss to explain how it snuck through.

Anyway, rather than attempt to eradicate the machine of the offending bug I used Acronis and restored a sector by sector backup of the machine which was 11 days old (problem solved - and definitively).

The point is, though - how did this virus get through? I know all the rules. I'm careful about going to websites I don't know and I don't open files in my email unless I'm expecting to get a file in my email. So where did I go wrong and what can I do to prevent it from happening in the future?

This really does make me appreciate my Ubuntu OS on my other machines that much more, I gotta say.

[hartbeatmr]

Good evening Interleave

I am glad to hear that you are back in operation. Thankfully like you I try stay away from known bad sites, known bad programs etc.

I know that this virus goes completely rouge and mods the host file, registry etc. I am pretty sure it work(s) off of a exploit but even knowing it has been around for awhile not a whole lot is really known about this nginx virus. I wish I had more input for you so this can be avoided in the future. 

There are some really good AV suites out there but I do have a suggestion for you have you ever heard off "Vipre" along time ago at my work we would receive CD's of Vipre and what I my self have always done is trial run any and all software before I recommend it too anyone and that is use it my self first.

Well my old AV suite was going to expire so i figured I would try it. Then just like you BAM out of the blue I was hit and Instantly Vipre kicked in "it detected the virus" I don't know if it was the same one that you are speaking of. It "vipre" said it removed it and had to reboot to finish the process and I was thinking well I am done and all my stuff would be gone as my last back up was about 1.5 months old. I allowed Vipre to do it's thing so the PC re-booted and did a boot scan and then restarted one more time (with no intervention from me) and I said to my self Oh ya my stuff is gone.  Well when the PC came back on behold "vipre" really did come thru. 

No BSOD, no corrupt drivers, all programs function 100% etc. Right there I had my new fav AV suite.

Here are the plus's to it.
#1. Doesn't slow the PC down, even during scans. 
#2. Cost per lic & per year is the cheapest around.
#3. Tech support is absolutely terrific to deal and telephone support is also free etc.
#4. There AV suite was built from ground up no old engines like some companies do by putting a shinny new face to a old product etc.
#5. It is the only one that I put on customers PC and has not to date let me down yet.
#6. Comes with 2 week free trial
#7. They have a AV suite that can cover up to 10 PC's at a cost that is cheaper than some of the other AV CO's charge for a 3 vol lic.

Well I hope I didn't bore you to much. I am pretty sure that you know if you are going to try Vipre just make sure you remove the old AV in the standard fashion and then go get the manual removal tool (that a lot of the big AV companies have) and then install Vipre. Because you can't have 2 active AV's running at the same time with out having issues but I am pretty sure you know that. 

I don't make any money off of them, this is just my opinion.
Take care, Mike 
   

[Interleave]

Thanks for the info. I'll look into it. I was also thinking about taking a look at ESET.
Of course, I'd rather not have to get another AV because I've been very happy with the ones I've been working with up to this point but (of course) all three failed to detect it or prevent it, so..... Guess I'm off to look for a new solution.