Home computer users are the main victims of the Sasser Windows worm, according to anti-virus firm Network Associates.
Hundreds of thousands of PCs have been hit by Sasser
Up to 80% of those hit have been home users and students, it reports.
About 1.5 million people visited Microsoft's Sasser clean-up web page in the first 48 hours of its availability, the software giant said.
The effects of the worm could be felt for many months, believes anti-virus firm Sophos.
"There is a fear that background radiation of the Sasser worm could be felt for months to come," said Graham Cluley, senior technologist at Sophos.
"The big danger is a raft of new computers that are not protected," he added.
According to Mr Cluley new computers often do not have protection for up to nine months worth of virus outbreaks.
The Sasser worm first appeared on 1 May and estimates vary widely on how many Windows PCs have been infected by it.
Some reports suggest that up to a million machines are infected.
Whatever the final numbers the worm's four variants have racked up an impressive list of victims between them.
The virus was reported to have hit up to 300,000 machines at Deutsche Post making it impossible for staff to hand over cash.
Machines at investment bank Goldman Sachs, the European Commission and British Airways and 19 regional offices of the UK Maritime and Coastguard Agency all fell victim to Sasser.
Up to 500 hospitals in New Orleans were shut down for several hours and social and health services in Washington state were also hit by the worm.
Half of British Airway's computers at the check-in desks in Terminal Four were put out of action leading to delays for customers on Tuesday evening.
One customer of a Perth-based branch of WestPac bank threatened to charge it reconnection fees because he was unable to get his hands on cash ear-marked to pay telephone and electricity bills.
Sasser spread rapidly in the first few days said Richard Archdeacon, technical services director from security firm Symantec.
"The fact that there have already been four variants tends to indicate that they are refining the code and looking for a way to spread it before the patches are in place," he told BBC News Online.
Mr Archdeacon said worms like Sasser could potentially do more damage than many other recent viruses.
"Mass-mailing [viruses] are not as potentially dangerous because they can be cured with anti-virus software," said Mr Archdeacon. "But with Sasser you have to go and stick the patch in yourself".
Sasser struck almost exactly 4 years after the Iloveyou bug
The vulnerability that Sasser exploits was first identified on 8 October last year by security firm eEye Digital Security.
However the first code to exploit the vulnerability only appeared a few days after the first patch for the loophole was released by Microsoft on 13 April.
The virus can infect PCs running Windows 2000 and XP that are not patched against the loophole it exploits or do not have a firewall to protect themselves.
According to anti-virus firms machines running Windows 95, 98 and Millennium Edition can help spread Sasser even though they cannot be infected by it.
The virus is called a worm because it searches out machines to infect by itself without any help from users.
The latest version, Sasser.D, scans so aggressively for new computers to infect that it may cause networks to become congested with packets of data and slow down.
Poor programming by Sasser's creator makes infected machines shut down.
Unpatched versions of Windows XP are vulnerable
Microsoft and many security firms have released tools that help people find out if they are infected and to help them remove the virus from their system.
Microsoft played down reports that millions were being infected by Sasser.
It reported that almost four times as many PC owners were downloading patches for security problems now compared to autumn in 2003.
Holidays in the UK, parts of Europe and Japan may also help to limit the spread of the worm.
Creators of other malicious programs are trying to cash in on the success of Sasser.
The latest version of the Netsky virus, the 29th variant, travels with a file that claims to be a cure for Sasser sent out by anti-virus firms.
Inside this version the creators of Netsky claim that they were responsible for making Sasser too.