Should I block it?

98%
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections

Relationships

iatt.exe

Remove iatt.exe
MD5:   68b7f7a26b76805432e3d50009d2ab1f
SHA1:   81e56adc6b071e6b65ddb0bfeca84b72e87c3a76
SHA256:   d14b66bd4c4c8f66a6edf2820fd4162d09b326beaf6a42014596571e81a1a503
Warning 46 antivirus scanners has detected malware.

Overview

iatt.exe is malware that executes as a process with the local user's privileges typically within the context of its parent sohcimp.exe (Sony Home Network Library by Sony Corporation). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. This particular version is usually found on Windows 7 Home Basic (6.1.7601.65536).

DetailsDetails

File name:iatt.exe
Typical file path:C:\windows\temp\iatt.exe
Size:12.67 KB (12,970 bytes)
Build date:2/21/2013 12:46 AM
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Windows firewall allowed program
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\TEMP\iatt.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 46 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 Trojan.Agent!aOJ6b9AXNps
AhnLab V3 Internet Security 2013.10.04 Trojan/Win32.CSon
Avira AntiVir 7.11.105.194 TR/Proxy.Pramro.F.6
Antiy Labs AVL 2.0.3.7 Backdoor/Win32.Generic
avast! 8.0.1489.320 Win32:Malware-gen
AVG 13.0.0.3169 Downloader.Generic_r.OK
Baidu Antivirus 3.5.1.41473 Backdoor.Win32.Pramro.40
BitDefender 7.2 Trojan.Agent.AZEE
Bkav Security 1.3.0.4246 W32.ProxyPramroB.Trojan
CAT Quick Heal 10.13.12.00 TrojanProxy.Pramro.cw3
Commtouch 5.4.1.7 W32/Backdoor.HRXC-6790
Comodo Internet Security 17045 Heur.Suspicious
Dr.Web 8.13.10.5 BackDoor.Siggen.53696
Emsisoft Anti-Malware 3.0.0.589 Trojan.Win32.Agent (A)
ESET NOD32 7.8873 Win32/Agent.HLU
Fortinet 5.1.147.0 W32/Agent.HLU!tr
F-Prot v6.4.7.1.166 W32/Heuristic-170!Eldorado
F-Secure 11.0.19100.45 Trojan.Agent.AZEE
G Data 13.10.22 Trojan.Agent.AZEE
Ikarus T3.1.5.4.0 Virus.Win32.Sality
Jiangmin 16.0.100 Backdoor.Generic.eum
K7 AntiVirus 9.173.9777 Proxy-Program
K7GW 12.7.0.14 Proxy-Program
Kaspersky 9.0.0.837 Trojan-Proxy.Win32.Agent.gml
Kingsoft 2013.4.9.267 Win32.Hack.Undef.(kcloud)
Malwarebytes 1.75.0.1 Trojan.Downloader
McAfee 5.600.1067 Generic.oh
McAfee Gateway Anti-Malware v2013-dat Generic.oh
Microsoft Security Essentials 1.9901.0 TrojanProxy:Win32/Pramro.F
eScan by MicroWorld 12.0.250.0 Trojan.Agent.AZEE
NANO AntiVirus 0.26.0.55203 Trojan.Win32.Agent.bhwhup
Norman 7.02.06 Pramro.B
nProtect 2013-10-04.01 Trojan/W32.Agent_Packed.12970.G
Panda Antivirus 10.0.3.5 Trj/Agent.IVN
PC Tools 9.0.0.2 Trojan.Pramro
Rising Antivirus 24.81.06.04 Trojan.Win32.Generic.141B6F5B
Sophos 4.93.0 Mal/TinyDL-T
SUPERAntiSpyware 5.6.0.1032 Trojan.Agent/Gen-FraudPack
Symantec 20131.1.5.61 Trojan.Pramro
The Hacker 6.8.0.5.342 Posible_Worm32
Total Defense 37.0.10498 Win32/Maazben!generic
Trend Micro 9.740.0.1012 TROJ_PRAMRO.SMI
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.R0CCH01H513
Vba32 AntiVirus 3.12.24.3 Malware-Cryptor.Zhelatin.Net
VIPRE Antivirus 22076 Trojan.Win32.Generic!BT
ViRobot 2011.4.7.4223 Trojan.Win32.Agent.12970

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00797745%
0.028634%
Kernel CPU:0.00610620%
0.013761%
User CPU:0.00187125%
0.014873%
Kernel CPU time:484 ms/min
100,923,805ms/min
Memory
Private memory:4.21 MB
21.59 MB
Private (maximum):7.66 MB
Private (minimum):3.69 MB
Non-paged memory:4.21 MB
21.59 MB
Virtual memory:69.02 MB
140.96 MB
Virtual memory (peak):90.24 MB
169.69 MB
Working set:3.71 MB
18.61 MB
Working set (peak):7.97 MB
37.95 MB
Resource allocations
Threads:6
12
Handles:143
600
GUI GDI count:4
103
GUI GDI peak:4
142
GUI USER count:1
49
GUI USER peak:1
71

BehaviorsProcess properties

Integrety level:High
Platform:64-bit
Command lines:
  • C:\users\user\appdata\local\temp\sqfll.exe
  • C:\windows\temp\iatt.exe
Owner:User
Parent process:sohcimp.exe (Sony Home Network Library by Sony Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Basic 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Sony 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE