Windows worm hits three million PC users


Variously known as Conficker, Kido or Downup, the virus spreads through memory sticks and low-security networks.

Microsoft says the malicious program works by looking for a file called 'services.exe', and then becomes a part of that code.

It copies itself into the Windows system folder as a file type called "dll". Then It gives itself a 5-8 character name, and modifies the Registry to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point, then downloads files from the hacker's web site.

Experts recommend PC users should have up-to-date anti-virus software, and should install Microsoft's MS08-067 patch.

You have been warned.