Trojan.Spy:Win32/Pstsca

Computer users that detect the TrojanSpy:Win32/Pstsca malware on their Windows PC have a reason to change their login details for online banking portals and social media. The Pstsca Trojan is designed to collect information and send it to its 'Command and Control' servers that may be located on the TOR Network. That might make it hard for law enforcement agencies to execute an investigation of cases involving TrojanSpy:Win32/Pstsca and restore the lost money to their rightful owner. The TrojanSpy:Win32/Pstsca malware is similar to Clemint and Ranbyus and may record your keystrokes when you are at the log-in page of a social media site and use iFrames to grab your input when you enter an online banking portal.

The TrojanSpy:Win32/Pstsca malware is known to run on 564-bit and 32-bit systems that execute Windows 7 and 8. The TrojanSpy:Win32/Pstsca malware might use a file named mcclient.exe to appear as a legitimate Windows Installer in the Windows Task Manager and not raise suspicion. The Pstsca Trojan may install its main executable in the Windows directory and register itself as a startup service to be executed every time you log in your account on Windows. The Pstsca Trojan may record information like your input on social page, banking forms and emails. The Pstsca malware might store the collected information in INI files and inject code into your default Internet browser to send the data to its operators. Additionally, the Pstsca Trojan may open ports in your Windows Firewall settings to listen for commands and allow remote code execution without your notice. Computer users should not underestimate the Pstsca Trojan, keep their software updated and install a trustworthy anti-malware utility.