Troj/PSW-EI is a password stealing Trojan for the Windows platform.
When first run Troj/PSW-EI copies itself to <Temp>\taso.exe and creates the following files:
<Temp>\taso0.dll
<Temp>\xgpdlzua.dll
<Temp>\<random name>.sys
The sys file is detected as Mal/RootKit-A.
The following registry entry is created to automaticly run taso.exe on system startup
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
tasa
<Temp>\taso.exe