Home / malware VirTool:Win32/Prolonc.A
First posted on 10 September 2010.
Source: SecurityHomeAliases :
VirTool:Win32/Prolonc.A is also known as Trojan-Spy.Win32.Ardamax.fwr (Kaspersky), TR/Spy.Ardamax.fvc (Avira), Trojan-Spy.Win32.Ardamax (Ikarus).
Explanation :
VirTool:Win32/Prolonc.A is a detection for a malware component that starts another executable after a 5-minute delay has elapsed.
Top
VirTool:Win32/Prolonc.A is a detection for a malware component that starts another executable after a 5-minute delay has elapsed. When executed, VirTool:Win32/Prolonc.A looks for a file input in the command line. If it does find a file input, it waits for 5 minutes, then runs the input file. In the wild, this threat has been observed to be installed with the following malware:Trojan:Win32/Emuni.A Rogue:Win32/Rudoct
Analysis by Jireh SanicoLast update 10 September 2010
