I did something very careless the other day - I connected my laptop to a public wireless network without checking that the firewall was on.
The personal firewall I use, Comodo Firewall Pro, is generally excellent. The only snag is I have to turn it off to synchronise files between desktop and laptop, but I do that on a LAN that's already firewalled, so it's OK. Until I forget to turn it back on, that is.
The first warning - of a virus - appeared within minutes. Thankfully Sophos AV was still running. Then I turned the firewall back on and it too started issuing warnings....
Moments later I'd disabled the network card and gone hunting. Those few minutes of network connection had left at least a dozen files on my laptop that I didn't like the look of, and four of them were already running and refused to let me kill them in the Windows Task Manager.
Thankfully, full scans with Sophos for more viruses and Trojans, plus Lavasoft's Ad-Aware 2007 and Safer Networking's Spybot Search& Destroy for adware and spyware, seem to have identified and killed the vermin. Less happily, the process also killed the WLAN drivers, but a re-install fixed that.
Is there a lesson in all this? One, I guess, is that I really ought to look a bit harder at getting the file-sync working through the firewall, so I can leave it on all the time. If I were looking after users, I'd make sure they couldn't turn the firewall off at all.
The other is that all those stories about how quickly and heavily an unprotected Windows PC will get infected with crud when connected to the Internet are not scare stories - they're true.