E-Mail Password Sender


· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·



Overview

Alias:

Trojan.psw.eps.165, Trojan.PSW.EPS.166

Category:

Password Capture: A variant of the Key Logger that captures passwords as they are entered or transmitted. Some password capture trojans impersonate the login prompt, asking the user to provide their password.

Variants:

  • E-Mail Password Sender 1.09
  • E-Mail Password Sender 1.51
  • E-Mail Password Sender 1.66
  • Similar Pests:

    Password Capture

    Origins

    Author:

    DK32

    Date of Origin:

    Variants from February, 2000 to September, 2001

    Operation

    General:

    Installs in c:\windows\system and starts at machine boot. EPS runs as another program, and kills that program. When it detects an Internet connection, it will send cached e-mail passwords.

    Storage Required:

  • E-Mail Password Sender 1.09: at least 105 KB
  • E-Mail Password Sender 1.51: at least 329 KB
  • E-Mail Password Sender 1.66: at least 45 KB
  • Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.



    Manual Removal:

    Follow these steps to remove E-Mail Password Sender from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:

  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
  • Research By:

  • PestPatrol's Pest Research Center
  • Last Revised:

    February 13, 2005