Now Microsoft’s Malicious Software Removal Tool can detect and clean the fourth-biggest threat in automated program's history, which dates back to at least 2005.

Called by Microsoft as Win32/Renocide this backdoor enabled worm spreads through removable drives, network shares and popular file-sharing applications. Once installed, it drops copies of itself on all removable drives, possibly by randomizing the file names. It also spreads by scanning machines on an infected computer's local network and pasting a copy of a file called autorun.inf, which many versions of Windows automatically execute when the drive is attached.

The program began circulating in 2008, also contributing to its success.Once installed, Renocide may cause infected machines to connect to remote servers over Internet Relay Chat, so it can receive commands from the attackers and download other malicious programs. It also attempts to monitor the IP address of the infected machine using whatismyip.com.

Renocide comes fourth behind malware known as Rimecud and Taterf and Sality, which are rated as Nos. 1, 2 , and 3 in terms of infected machines detected in the first week they were detected by the MSRT.