After running his staff ragged for nearly two weeks chasing the Nimda worm that slowed many businesses to a crawl, Brett McAllister could finally start to plan ahead.

“I.T. was working around the clock, a lot of overtime,” said McAllister, Futuredontics Inc.’s chief technology officer who is in charge of keeping the company’s 18 servers in working order. “Now I owe these guys a couple of days of vacation.”

This was a bad one difficult to eradicate with the usual array of anti-virus software. And it was even harder for small businesses, which usually don’t have a computer staff and often use older software more susceptible to viruses.

“As long as there are people out there with the intent to create destructive code, we’re always going to be in a reactive situation,” said Frank Harrill, special agent in computer crime for the FBI’s Los Angeles field office.

All told, Nimda infected 8.3 million computer workstations worldwide during the two weeks following its outbreak, according to Carlsbad, Calif.-based I.T. research organization Computer Economics. But that discounts the lingering effects of Nimda, which remained the most prevalent computer virus in the world as of late last week, according to Cupertino, Calif.-based antivirus software firm Trend Micro Inc.

Computer Economics pegged Nimda’s cost to business at $590 million as of Oct. 2, but the figure is expected to be higher once the damage is fully tallied. Last year’s Love Bug virus, whose destruction was largely in the form of corrupted files, cost worldwide businesses $8.8 billion.

“Trend Micro is looking at Nimda as the worst virus we’ve ever seen,” said company spokeswoman Sandi Meyer.

One local attorney who runs a five-person firm tried everything to get rid of it the 2001 Norton Antivirus helped at first, but it came back. He then downloaded Symantec Removal Tool, but it came back again.

Jessica Brosius of Tracey Horton & Associates, a small promotional products and advertising firm in Agoura Hills, noted that Microsoft Word, Microsoft Outlook and CorelDRAW programs were all rendered useless by the worm. Two weeks after the Sept. 18 outbreak, the company could not send e-mails. “It’s the worst virus we ever had,” said Brosius, who has worked with the company for four years.

Larger companies were not immune, either. McAllister, whose 250-employee company also operates the call center for 1-800-ATTORNEYS, said the client-oriented nature of Los Angeles-based Futuredontics made it particularly susceptible. “We have a very liberal policy with access,” said McAllister, who noted that clients, salespeople and operators all have access to the database.

Technically, Nimda (“Admin” spelled backwards) is a worm, not a virus, because it can take effect without the end user actively downloading an attachment. Anyone using Microsoft’s Internet Information Server or Internet Explorer could be infiltrated by surfing the Web. And unlike prior viruses, the damage is not in files being corrupted, but in the worm’s ability to quickly replicate itself throughout a computer network, overloading it in the process.

That’s how Alan Paller, director of research for Washington-based systems protection school SANS Institute, described it: “Take all the viruses and worms that have been running around and take all of their infection vectors and put them all into one worm.”

Southern California’s proliferation of small businesses makes it a region particularly at risk for a widespread attack. “Normally, a small business would look to the virus cleaners and go on,” said Paller.

Some Internet service providers are beginning to consider installing filters that would detect and deny access to any user with an infected computer.

Such a move, which would require ISPs to incur the cost of filters and staff to operate and maintain the system, as well as lost revenues from users being denied access, would never have been contemplated before the Sept. 11 attacks prompted fears of computer warfare.

“If this were a month ago, most ISPs would say, ‘It isn’t our job to police the Internet,'” Paller said.

Meantime, some corporations are taking matters into their own hands by installing filters to block certain types of e-mail attachments. “The downside is you’re going to block some legitimate programs, but many companies are willing to make that tradeoff,” said Stephen Trilling, director of research for Santa Monica-based Symantec Security Response.