TrojanProxy:Win32/Pramro.F is a trojan that creates a proxy on an infected computer. Proxy servers may be used by attackers to hide the origin of malicious activity. In this case, this proxy may be used to relay spam and HTTP traffic. In the wild TrojanProxy:Win32/Pramro.F has been observed to be associated with the Win32/Sality malware family variants such as Virus:Win32/Sality.AT.

TrojanProxy:Win32/Pramro.C is a trojan that creates a proxy on an affected machine. Proxy servers may be used by attackers in order to hide the origin of malicious activity. In this case, this proxy may be used to relay spam and HTTP traffic. In the wild it has been observed being associated with the Win32/Sality family.

TrojanProxy:Win32/Pramro.B is a trojan that creates a proxy on an affected machine. Proxy servers may be used by attackers in order to hide the origin of malicious activity. In this case, this proxy may be used to relay spam and HTTP traffic. In the wild it has been observed being associated with the Win32/Sality family.

TrojanProxy:Win32/Pramro.gen!A is a trojan that creates a proxy on an affected machine. Proxy servers may be used by attackers in order to hide the origin of malicious activity. In this case, this proxy may be used to relay spam and HTTP traffic. In the wild it has been observed being associated with the Win32/Sality family.

Virtool:Win32/ModTool.A is a detection for AutoIT scripts compiled into modified stand-alone executables. Due to the generic nature of this signature, it may detect other malware, such as trojans and worms.

TrojanSpy:Win32/Keatep.B is a trojan that steals FTP credentials and sends it to a remote attacker. It also injects malicious Iframe code that points to a certain Web site. It also disables the Windows firewall and connects to a remote Web site to potentially download arbitrary files.

TrojanDownloader:Win32/Cutwail.BT is a member of Win32/Cutwail - a multi-component family of malware that downloads and executes arbitrary files. This functionality is mostly used to install additional Cutwail components, and other malware on an affected computer. In general, the Cutwail family is used to compromise computers and direct them in various ways at the attacker's will, usually for monetary gain. This could include using the affected computer to distribute additional malware, send spam, generate 'pay per click' advertising revenue, harvest email addresses, and break captchas. Its components are varied, but include trojan downloaders and droppers, spammers, and viruses. Cutwail also employs a rootkit and other defensive techniques to avoid detection and removal.

Windows Defender detects and removes this threat.

Win32/Pramro is a trojan that acts as a SOCKS proxy on an infected computer. Proxy servers may be used by attackers to hide the origin of malicious activity. In this case, this proxy may be used to relay spam and HTTP traffic. In the wild, Win32/Pramro has been observed to be downloaded by variants of the Win32/Sality family.

Worm:Win32/Sohanad.Z is a member of Win32/Sohanad - a family of worms that may spread via removable or network drives and particular messenger applications. It may also modify a number of system settings to facilitate its actions on an affected computer, and contact a remote host.