The other day I saw something that I haven't seen for a long time: my staff working! No, seriously, I saw a hard drive with all the data overwritten by a virus.
Back in the old days, when no-one had anti-virus software (or used McAfee Anti-Virus, which amounted to pretty much the same thing), there were viruses about that killed data. Those viruses, however, erased drives by wiping the boot record or file table (the index at the start of the drive). The actual data was still intact; Windows just didn't know where it was. Recovery was easy if you knew what to do.
This bug was different. It had overwritten almost every file on the drive, replacing each of them with another file called Axel.dav. That file contained one string of data: the name "Alex Davies". The drive's folder-tree structure was still there, except every folder contained only that one file.
The Windows system32 folder, for example, usually contains about 6000 essential files. On this drive it contained one: Axel.dav. Usually, when data gets scrambled by a virus or power surge, we can use software to rebuild the drive's contents and then recover the data. In this case the data was actually overwritten by the virus and recovery was impossible. This makes it one of the most destructive exploits I have seen.
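The pattern described above (every folder reduced to one file of the same name and content) is easy to check for on a suspect drive before deciding whether recovery is worth attempting. The following is an added example, not code from the column or from any recovery product; it builds a small constructed folder tree in a temporary directory and walks it, reporting folders whose only remaining file is the marker. The marker name and content are the ones quoted in the column; the folder names in the sample tree are made up.

```python
import os
import tempfile
from pathlib import Path

# Indicator quoted in the column: a single file "Axel.dav" per folder whose
# whole content is the string "Alex Davies".
INDICATOR_NAME = "Axel.dav"
INDICATOR_CONTENT = b"Alex Davies"


def find_wiped_folders(root):
    """Return folders (relative to root, POSIX-style) whose only regular file
    is the marker file with the expected content.

    A folder that still holds other files is not reported, even if the marker
    is present beside them: that is a different, partial state and worth a
    separate look rather than being lumped in with total loss.
    """
    root = Path(root)
    hits = []
    for dirpath, _subdirs, filenames in os.walk(root):
        if filenames != [INDICATOR_NAME]:
            continue
        marker = Path(dirpath) / INDICATOR_NAME
        try:
            content = marker.read_bytes()
        except OSError:
            continue  # unreadable sector or permissions: skip, don't crash the sweep
        if content.strip() == INDICATOR_CONTENT:
            hits.append(Path(dirpath).relative_to(root).as_posix())
    return sorted(hits)


def build_sample_tree(base):
    """Constructed sample tree (not a real drive image): two wiped folders
    and one folder that still has a surviving file next to the marker."""
    base = Path(base)
    for folder in (base / "Windows" / "system32", base / "Documents" / "letters"):
        folder.mkdir(parents=True)
        (folder / INDICATOR_NAME).write_bytes(INDICATOR_CONTENT)
    photos = base / "Documents" / "photos"
    photos.mkdir(parents=True)
    (photos / "beach.jpg").write_bytes(b"\xff\xd8\xff")  # fake JPEG header, constructed
    (photos / INDICATOR_NAME).write_bytes(INDICATOR_CONTENT)
    return base


def demo():
    """Build the sample tree in a temp dir and return the wiped folders found."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_wiped_folders(build_sample_tree(tmp))


if __name__ == "__main__":
    for folder in demo():
        print("wiped:", folder)
```

Run against a mounted image of the affected drive (read-only) by calling `find_wiped_folders` with the mount point; a long list of hits is the signal that the data, not just the index, is gone.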
The machine involved was running the usual anti-virus software we recommend (AVG 7.5 Free Edition), yet this bug got through. A quick Google showed the culprit to be vbs_redlof.A, an obscure little bug that uses Microsoft's very own built-in virus delivery system, Outlook Express, to spread itself. For a mail worm it is relatively unusual, because most modern worms try to hide for as long as possible so they can email out as many copies of themselves as they can. The longer they remain undetected, the more successful they are, so stealth and the ability to morph (changing enough to avoid being detected by out-of-date virus scanners) is a big plus. Erasing files, then, looks like wanton vandalism and somewhat anti-worm behaviour.
The problem with new virus infections is that by the time our virus scanners update themselves with the ability to detect the new virus (usually a daily chore), the damage has probably already been done. So how do we avoid them? The reality is that we can't; we can only minimise risk. Nearly all our solutions are ambulances at the bottom of the cliff. Most of the big-name anti-virus software titles try to get around this by locking your computer down tighter than a Labour party budget author's bum, which, of course, turns your machine into a frustratingly slow and unusable electromechanical pudding. Some software out there even has hourly updates in order to combat the time-lag problem. However, with viruses going global in as little as 10 minutes, even hourly updates seem too little too late.
So what else can we do? We recommend ditching Outlook Express for something a little less vulnerable, such as Thunderbird or Opera's built-in M2 mail client. Both are free and impervious to scripting-type mail worms. Incredimail is just as full of security holes, not to mention advertisements and those awful smilies, blinkies, zingies, wankies and fuzzies. We should all practise safe email handling, like not opening an attachment without knowing what it is, even if it's from someone we know; they could be infected and not know it. And don't assume that because your anti-virus software let it through it's safe; if it's a new bug, your software won't know it's a virus either. We also don't recommend Internet Explorer. Not only is it horribly slow, it has those same security flaws. The new version 7 is only marginally better. We use Firefox or Opera. Both are fast, secure and fully tweakable for those who like to look under the hood.
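"Knowing what an attachment is" can be partly automated: the file name alone tells you whether Windows will hand it to a script host or loader when double-clicked, which is exactly the door a scripting-type mail worm walks through. The following is an added example, not code from the column or from any of the mail clients it names; it builds a constructed message with three attachments and classifies each one as allow, ask, or block. The extension list is an assumption for this example (common script and executable types), not something the column enumerates.

```python
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions Windows runs directly on double-click. Assumed list for this
# example; a real deployment would take it from the mail gateway's policy.
RUNNABLE_EXTENSIONS = {
    ".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
    ".bat", ".cmd", ".scr", ".pif", ".exe", ".com",
}


def attachment_verdict(filename):
    """Classify an attachment by name: 'block', 'ask' or 'allow'.

    block: the last extension is a script or executable, whatever comes
           before it ("holiday.jpg.vbs" is a script, not a picture).
    ask:   no extension, or a double extension that is not itself runnable;
           the user should look before opening.
    allow: a single, non-runnable extension. Still not proof of safety,
           just not an obvious script dropper.
    """
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    if not suffixes:
        return "ask"
    if suffixes[-1] in RUNNABLE_EXTENSIONS:
        return "block"
    if len(suffixes) > 1:
        return "ask"
    return "allow"


def scan_message(msg):
    """Return [(filename, verdict)] for each attachment of an EmailMessage."""
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        results.append((name, attachment_verdict(name)))
    return results


def build_sample_message():
    """Constructed sample mail (not a captured message): one genuine picture,
    one script hiding behind a picture name, one attachment with no extension."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"
    msg["To"] = "you@example.com"
    msg["Subject"] = "holiday photos"
    msg.set_content("Have a look at these.")
    msg.add_attachment(b"\xff\xd8\xff", maintype="image", subtype="jpeg",
                       filename="holiday.jpg")
    msg.add_attachment(b"(script body omitted)", maintype="application",
                       subtype="octet-stream", filename="holiday.jpg.vbs")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf",
                       filename="invoice")
    return msg


def demo():
    return scan_message(build_sample_message())


if __name__ == "__main__":
    for name, verdict in demo():
        print(f"{verdict:6} {name}")
```

The point of the "block" rule is that only the last extension matters to Windows; a name like `holiday.jpg.vbs` is shown as a picture by a client that hides known extensions but runs as VBScript. A mail client or gateway applying this rule stops the delivery mechanism the column describes regardless of whether the scanner has a signature for the payload yet.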
The bottom line is: use common sense, don't click just for the sake of it. Keep all your software, including Windows, up to date.
If you do get infected, shut down, stay off the net and get the bug professionally removed as soon as you can; the last thing you want to do is send it to all your friends.