Jul 24th, 2009 | 1 Comment

Millions of Windows computers have been infected by a new computer worm dubbed “Conficker.” The situation is “not getting better,” but rather is “getting worse,” according to security software vendor F-Secure.

In a blog post, F-Secure security researchers report that the number of machines infected by the Downadup worm has skyrocketed from roughly 2.4 million to over 8.9 million in the last four days alone.

Downadup is a malicious worm that “uses computer or network resources to make complete copies of itself,” according to F-Secure. It may also carry code or other malware that damages both the computer and the network. The worm also goes by the names “Kido” and “Conficker.” Details on how it operates and how to remove it are here.

Once executed, Downadup disables a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. The worm then connects to a malicious server, where it downloads additional malware to install on the infected computer. Computerworld provides a more detailed report on Downadup’s potential dangers.

Since Downadup uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files rather than only specific extensions, F-Secure recommends.

The alarmingly high number of Downadup infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it’s important that Windows users, if they haven’t already, download the latest Microsoft security patch that went out earlier this week.

Written by Ajay Matharu

July 24th, 2009 at 9:34 am

Mar 8th, 2009 | No Comments

The Conficker/Downadup worm managed to slither onto millions of PCs worldwide at its height, but after it initially infected a computer it only really acted to spread itself, and didn’t cause further harm. Until now.

Symantec reports today that it has found a new variant of the virulent worm that will identify antivirus software or security analysis tools running on the infected PC, and attempt to shut down those programs. This is a strong signal that the worm’s mysterious creators haven’t abandoned their creation in the face of worldwide attention, as some in the industry have theorized, but may still have plans to make a buck off their work.

To protect against the Conficker worm, first make sure you’ve installed the patch that closes a targeted hole in the Microsoft Server Service. Next, protect any network shares and administrator accounts with a strong password, as Conficker will try to guess easy ones.

Finally, you can block the worm’s third infection route, which hijacks thumb drives and other removable media, by disabling Autorun on Windows. PC World has a download available that can automate that step for Windows XP users, and Microsoft has posted manual instructions.
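A quick host audit for two points these posts raise: whether the services the worm is reported to disable are still enabled, and whether Autorun is switched off. This is an added example, not code from the article, PC World or Microsoft. It assumes PowerShell 3.0 or later, and the service short names and the `NoDriveTypeAutoRun` registry value are the standard Windows names, not taken from the page.

```powershell
# Added example: read-only audit, run on the host being checked.
# Keys are the standard Windows service names for the services the article lists.
$services = [ordered]@{
    'wuauserv'  = 'Windows Automatic Update'
    'wscsvc'    = 'Windows Security Center'
    'WinDefend' = 'Windows Defender'
    'WerSvc'    = 'Windows Error Reporting'
}

function Test-ServiceState {
    param([string]$Name, [string]$Label)
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'" -ErrorAction SilentlyContinue
    if (-not $svc) {
        # Not every Windows version ships every service; report it, do not flag it.
        return [pscustomobject]@{ Check = $Label; State = 'not installed'; Flag = $false }
    }
    # A protective service with start mode Disabled is worth investigating.
    [pscustomobject]@{
        Check = $Label
        State = "$($svc.StartMode)/$($svc.State)"
        Flag  = ($svc.StartMode -eq 'Disabled')
    }
}

function Test-AutorunPolicy {
    # NoDriveTypeAutoRun = 0xFF turns Autorun off for every drive type.
    $path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $val  = (Get-ItemProperty -Path $path -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    [pscustomobject]@{
        Check = 'Autorun policy (HKLM)'
        State = if ($null -eq $val) { 'not set' } else { '0x{0:X2}' -f $val }
        Flag  = ($val -ne 0xFF)
    }
}

$results = @(foreach ($e in $services.GetEnumerator()) {
    Test-ServiceState -Name $e.Key -Label $e.Value
})
$results += Test-AutorunPolicy
$results | Format-Table -AutoSize

if ($results.Flag -contains $true) {
    Write-Warning 'Review flagged rows: a protective service is disabled or Autorun is not fully off.'
}
```

A flagged row is a prompt to investigate, not proof of infection, since administrators sometimes disable these services deliberately.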

Written by Ajay Matharu

March 8th, 2009 at 10:02 pm
