from the doc: 'mtm recorded password stealer fwb bypass mtm recorder password stealer steal and send you to your specified email addresse (must be an hotmail account) eg: [email protected] the passwords stored on your computer by Internet Explorer and Outlook Express. The passwords are revealed by reading the information from the Protected Storage. 1. Outlook Express passwords: 2. AutoComplete passwords in Internet Explorer: 3. Password-protected sites in Internet Explorer:About The Protected Storage ============================ The Protected Storage information is saved in a special location in the Registry. The base key of the Protected Storage is located under the following key: "HKEY CURRENT USERSoftwareMicrosoftProtected Storage System Provider" You can browse the above key in the Registry Editor (RegEdit), but you won't be able to watch the passwords, because they are encrypted. Also, some passwords data are hidden by the operating system.'
Trojan Horse [Panda]
editor.exeunpacked-server.exe