Antivirus Pro infection

I've been running Nod32 antivirus for years without problems. Last night I was somehow infected with what appears to be a program called Antivirus Pro. It keeps throwing messages about needing to activate, various programs are infected, etc. It disables the task manager, disables regedit, so the info I found on the net about removing it doesn't work. I went to eset's site this morning on a different computer and found a program that should uninstall it. I'll try after work.

I have no idea how I got this, Nod32 didn't throw any warning about it coming in. Now I'm gun shy; I've always trusted that I was safe browsing because of nod32, but if I can get infected by what appears to be well-known malware anyway, how do I know?

Any info that may help me understand this would be appreciated, as I JUST signed up for a 2 year eset renewal subscription for all of my computers about 2 weeks ago.

 

This kind of malware comes in via polymorphic packagers that are increasingly hard to detect. Nod32 still a good product, one of the best when it comes to heuristics that can detect polymorphic payloads, but it is your last possible line against infection. Patching your OS and browser plugins (Java, PDF readers, and Flash are becoming the major vectors these days) is the primary thing you should be doing if you are not. After that, take steps to harden the OS. In XP, use a limited user account and only run-as Administrator for things that actually need administrator rights and set DEP to Opt-Out mode if your hardware supports it. On Vista/7, leave UAC enabled and do not screw with it, set DEP to Opt-Out, and enable SEHOP. Anything that makes it to that point hits the AV software and hopefully gets caught.

 

Safe surfing comes with a little help, perhaps you might consider a HOSTS File