PWS:Win32/PWSteal.M is the detection for a trojan that drops several password-recovery tools in the computer.
Drops other files
PWS:Win32/PWSteal.M drops several password-recovery tools such as the following files:
These dropped files may collect user information for various accounts. The collected passwords are stored in the following files:
PWS:Win32/PWSteal.M then attempts to send the information in these files to a remote attacker.
Modifies computer settings
PWS:Win32/PWSteal.M may prevent Windows Defender from displaying a warning. It may also close the Task Manager process.
Analysis by Andrei Florin Saygo
The following system changes may indicate the presence of this malware: