The Sober worm, which was due to activate last Thursday, has stopped spreading and its author has held back from uploading malware onto any machines.

Sober was the most common infection in November and December last year, and was programmed to download software from remote websites.

It was feared that host machines across the world would start sending spam or take part in denial of service attacks.

Instead the virus writer has stayed undercover and the worm has ceased trying to spread itself.

"When the Sober.Y download deadline passed on 6 January all infected machines started download attempts from the five different sites. At the same time, the virus stopped emailing itself around," said Mikko Hyppönen, chief research officer at security firm F-Secure.

"As a result, the virus that had held the number one position since November 2005 just disappeared from the stats."

Hyppönen added that infection rates for the worm over the past week were running at 18,000 PCs per day but are now plummeting.

Graham Cluley, senior technology consultant at Sophos, said: "We are still seeing a small number of reports but it's sloping away now.

"The worm author could still put material up there. We know that the German police are investigating the case vigorously, but I'm worried that he'll duck down behind the sofa and pop up again when the fuss has died down."