Name: Troj/Nethief-C Aliases: Backdoor.Nethief.XP.c, BackDoor-TW trojan, Backdoor.NetThief Type: Trojan Date: 25 October 2002 At the time of writing Sophos has received just one report of this Trojan from the wild. Description Troj/Nethief-C is a backdoor Trojan that copies itself to IExplorer.exe in the Windows system folder and sets the registry entry HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Internet Explorer = Iexplorer.exe More information about Troj/Nethief-C can be found at http://www.sophos.com/virusinfo/analyses/trojnethiefc.html
Hmm Gavin you've been quite busy lately. Sophos writes about one with several names discovered today and you got 27 variants already! That it's using the iexplorer.exe name hmm people will not notice that too quickly as an illigal /infected variant of the legal exe.