More than a million computers could now be infected with the Mydoom virus, say experts.
Mydoom.B is taking aim at Microsoft
The virulent program has also reached the number two position in the list of most active viruses of all time.
As well as causing havoc for many home and business users, the virus has also knocked offline the website of US software firm SCO.
Next in line for attack is the website of Microsoft which is due to come under attack from 3 February.
The estimate of infected machines comes from Finnish anti-virus firm F-Secure and reveals just how widespread Mydoom has become since it first appeared on 26 January.
From: random e-mail address
To: address of the recipient
Subject: random words
Message body: several different mail error messages, such as: Mail transaction failed. Partial message is available
Attachment (with a textfile icon): random name ending with ZIP, BAT, CMD, EXE, PIF or SCR extension
When a user clicks on the attachment, the worm will start Notepad, filled with random characters
In the few days since it appeared Mydoom.A, also known as Novarg or Shimgapi, has become the second most active virus of all time according to mail filtering firm MessageLabs which has now stopped more than 16m copies of the virus.
This puts it ahead of Klez.H, the virus in the number three slot on MessageLab's top ten. In 18 months Klez.H has racked up a total of 8m copies - a figure that Mydoom has beaten in less than a week.
As the virus is continuing its rampage across the net it could soon become the biggest virus of all time.
Heading the list of all time top viruses is Sobig.F of which MessageLabs has now caught more than 33m copies.
Most of the copies of Mydoom caught are of the original A-strain. The new variant, Mydoom.B, is classified as a low threat because it is not widespread.
This will come as a relief for Microsoft whose website is due to come under attack on 3 February from this version.
Over the weekend the original strain subjected the website of Utah-based software firm SCO to an overwhelming barrage of traffic, known as a Distributed Denial of Service (DDoS) attack.
Infected computers were used to bombard the website with bogus data packages that utterly paralysed the site.
SCO has been involved in a legal row with the open-source community, after claiming versions of the Linux operating system used code it said it owned.
Programmed into the virus are timers that will stop the SCO attack on 12 February.
PROTECT YOURSELF FROM VIRUSES
Install an anti-virus program.
Keep it up to date
Get the latest patches and updates for your operating system
Never automatically open e-mail attachments
Download or purchase software from trusted, reputable sources
Make backups of important files
However the system clocks of many PCs are wrongly set so the attack could persist longer than this.
For now SCO has set up a temporary website at www.thescogroup.com until the digital barrage on http://www.sco.com ends.
Security firms were keen to point out that although the DDoS attacks will end, the backdoor into infected PCs created by Mydoom will remain open indefinitely.
The virus has managed to spread so far and so fast thanks to the gullibility of many PC users.
The payload of the virus was concealed in an attachment made to look like it was a bounced e-mail message.
Many people opened up this attachment to find out which of their messages had supposedly not got through. Instead of seeing the text of a message they got garbled text and an infected PC.
One other sneaky trick that the virus plays is to fiddle with a PC's net settings to make some sites, mainly those of anti-virus firms, unreachable.