Over the 3rd-week of March 2011, Microsoft said that Win32/Renocide was the fourth most-dangerous malware within the history of automated software after it was first detected during 2005 if not earlier.
States the company, Win32/Renocide represents a virus that creates backdoor facilities while proliferating online through different means, say detachable drives. Soon after getting planted, it drops its own replicas on every detachable drive present, presumably after giving random names to the files. Another way Renocide proliferates is by scanning other computers within the network to which the initially infected PC belongs and installing an autorun.inf file that Windows PCs mechanically run following the drive's insertion.
Moreover, Renocide as well proliferates by abusing file-sharing application. For that, it takes down the hundred songs that are most popular from certain torrent websites and then selects fifty of them. Thereafter it opens one fresh folder within the P2P software where it loads its own copies and names the files as P2P downloads. It also adds a supplement called "Keymaker," "-RELOADED," "Razor1911," "crack," "Validator," "Keygen" or "Activator."
...
