I don't know the mechanics of why this wasn't detected, except in very general terms.
Vitro is a
polymorphic virus. This means it mutates frequently (and I believe, in a non-predictable manner). What this means is that a scanner checking for a particular footprint probably will not detect the new variant- which may be several generations removed from the detection algorithm - until it's installed and running.
Prevention is better than cure, of course; once it's running this particular one is considered pretty much near impossible to successfully remove.
Here is a bit more information, from Pondus (one of the forums' malware researchers) about some of the things it does.
I don't know if there is a successful cleanup routine or program that is recommended. I've read about a few users who have it, and most appear to have had to re-format. I can't say if the users of other AV's have the same sort of issues with this one, but I wouldn't be at all surprised. The type of behaviour the virus demonstrates looks like it would be able to overwhelm most cleaners. And if it overwhelms a highly regarded trojan killer like MBAM, you have to ask yourself: what hope is there?
All I can suggest is using the Noscript add-on with Firefox, keeping software up to date (especially flash players, and Java) and if prompted by a website to install the latest flash player to watch a movie, when you know you already have the latest player installed, leave that site never to return. (Ditto if a site offers you a codec to enable your embedded media player to work, or wants you to install a plugin for its own player. Some will be legit. No movie is worth it, to me, to do this, without a bit more research, at least. And probably not even then, unless it's a popular, well known, and highly regarded player.)
What else? Use a hosts file. (I use the MVPS hosts file, and Hostsman to manage it. See
Here.)
SpywareBlaster does a similar sort of job in a different way.
(The similar job is that of blocking known bad sites from connecting/loading.)
These need updating from time to time, and will not block unknown bad sites. The noscript option in Firefox is one of the best preventers, requiring anything you don't whitelist approval to be run. (Then you just need to let your daughter know not to allow all scripts that want to run on a page, for the sake of convenience.
Consider giving her a limited user account to use, and password protect your own user profile.