Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

3.26.5.0 10.00%
3.21.2.1 10.00%
3.14.1.3 10.00%
3.4.5.2 10.00%
3.1.0.3 50.00%
3.0.0.7 10.00%

PE structurePE file structure
Show functions
Import table
advapi32.dll
CryptDestroyHash, CryptHashData, CryptSetHashParam, CryptCreateHash, CryptAcquireContextW, RegOpenKeyA, RegSetValueExA, RegFlushKey, RegRestoreKeyW, RegSaveKeyW, LookupPrivilegeValueW, AdjustTokenPrivileges, RegEnumValueW, RegQueryValueW, RegEnumKeyW, RegDeleteKeyW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegisterServiceCtrlHandlerW, DeleteService, CreateServiceW, ControlService, OpenSCManagerW, OpenServiceW, StartServiceW, CloseServiceHandle, CreateProcessAsUserW, RegQueryValueExW, SetServiceStatus, StartServiceCtrlDispatcherW, OpenProcessToken, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, LookupAccountSidW, GetTokenInformation, CryptDecrypt, CryptAcquireContextA, CryptReleaseContext, CryptImportKey, CryptEncrypt, CryptDestroyKey, RegOpenKeyExW, RegCloseKey, RegQueryInfoKeyW, RegEnumKeyExW, ConvertSidToStringSidW, CryptGetHashParam
comctl32.dll
ImageList_GetIconSize
comdlg32.dll
GetFileTitleW
gdi32.dll
SetWindowExtEx, ScaleWindowExtEx, ExtSelectClipRgn, DeleteDC, SelectPalette, GetObjectType, CreateHatchBrush, GetRgnBox, GetBkColor, GetTextColor, GetTextExtentPoint32W, CreateDIBSection, CreateRoundRectRgn, CreatePolygonRgn, CombineRgn, PatBlt, CreateEllipticRgn, Polyline, Ellipse, Polygon, SetRectRgn, GetMapMode, DPtoLP, OffsetWindowOrgEx, GetNearestPaletteIndex, RealizePalette, GetSystemPaletteEntries, OffsetRgn, SetDIBColorTable, StretchBlt, SetPixel, Rectangle, EnumFontFamiliesExW, LPtoDP, GetWindowOrgEx, GetViewportOrgEx, PtInRegion, FillRgn, FrameRgn, GetBoundsRect, ScaleViewportExtEx, SetPaletteEntries, GetTextFaceW, SetPixelV, CreatePalette, SetWindowOrgEx, GetPixel, GetWindowExtEx, GetViewportExtEx, CreateRectRgn, SelectClipRgn, SetLayout, GetLayout, SetTextAlign, MoveToEx, LineTo, IntersectClipRect, ExcludeClipRect, GetClipBox, SetMapMode, SetROP2, SetPolyFillMode, SetBkMode, RestoreDC, SaveDC, DeleteObject, GetTextCharsetInfo, EnumFontFamiliesW, GetTextMetricsW, BitBlt, CreateCompatibleDC, CreateRectRgnIndirect, CreateCompatibleBitmap, CreateFontIndirectW, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutW, TextOutW, RectVisible, ExtFloodFill, PtVisible, CreateDIBitmap, CreatePatternBrush, CreateSolidBrush, CreatePen, GetStockObject, GetDeviceCaps, CopyMetaFileW, CreateDCW, CreateBitmap, SetTextColor, SetBkColor, GetObjectW, GetPaletteEntries
gdiplus.dll
GdipFree, GdipDeleteGraphics, GdipDisposeImage, GdipCreateBitmapFromHBITMAP, GdiplusStartup, GdiplusShutdown, GdipCreateFromHDC, GdipSetInterpolationMode, GdipDrawImageRectI, GdipCloneImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePaletteSize, GdipGetImagePalette, GdipCreateBitmapFromStream, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipBitmapUnlockBits, GdipGetImageGraphicsContext, GdipDrawImageI, GdipAlloc
imm32.dll
ImmReleaseContext, ImmGetContext, ImmGetOpenStatus
kernel32.dll
DllMain
msimg32.dll
TransparentBlt, AlphaBlend
ole32.dll
OleInitialize, CoFreeUnusedLibraries, OleUninitialize, CoInitializeEx, CLSIDFromProgID, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CoCreateInstance, CoCreateGuid, CoTaskMemAlloc, ReleaseStgMedium, OleGetClipboard, RegisterDragDrop, CoLockObjectExternal, OleCreateMenuDescriptor, OleDestroyMenuDescriptor, OleTranslateAccelerator, IsAccelerator, OleLockRunning, CreateStreamOnHGlobal, OleIsCurrentClipboard, OleFlushClipboard, CoRevokeClassObject, CoRegisterMessageFilter, CoDisconnectObject, RevokeDragDrop, OleDuplicateData, DoDragDrop, CoTaskMemFree, CoInitialize, CoUninitialize
oleacc.dll
AccessibleObjectFromWindow, CreateStdAccessibleObject, LresultFromObject
oledlg.dll
OleUIBusyW
psapi.dll
GetProcessMemoryInfo
shell32.dll
SHGetFolderPathW, DragQueryFileW, SHAppBarMessage, DragFinish, SHGetFileInfoW, SHBrowseForFolderW, SHGetPathFromIDListW, SHGetMalloc, SHGetSpecialFolderLocation, SHGetDesktopFolder, ShellExecuteW, SHGetSpecialFolderPathW
shlwapi.dll
SHQueryValueExW, PathAppendW, UrlUnescapeW, PathRemoveFileSpecW, PathIsUNCW, PathStripToRootW, PathFindFileNameW, PathFindExtensionW, PathFileExistsW
urlmon.dll
URLDownloadToFileW
user32.dll
DllMain
userenv.dll
CreateEnvironmentBlock
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
winhttp.dll
WinHttpQueryDataAvailable, WinHttpAddRequestHeaders, WinHttpOpen, WinHttpConnect, WinHttpCloseHandle, WinHttpOpenRequest, WinHttpSendRequest, WinHttpReceiveResponse, WinHttpReadData
wininet.dll
InternetCrackUrlW, DeleteUrlCacheEntryW, InternetCanonicalizeUrlW
winmm.dll
PlaySoundW
winspool.drv
OpenPrinterW, ClosePrinter, DocumentPropertiesW
wtsapi32.dll
WTSFreeMemory, WTSQuerySessionInformationW, WTSEnumerateSessionsW, WTSQueryUserToken

umbrella.exe

Iminent Protection by Iminent (Signed)

Remove umbrella.exe
Version:   3.14.1.3
MD5:   1ed3834b42cd6ed09aca29739ee55dc0
SHA1:   6a4b132a876704d4b1d6b9cb9ef51367ebae5e55
SHA256:   5530e96e4d67d550721434d70768d58403d186dd35d6f0a367dcb1b867107705
Warning 3 antivirus scanners has detected malware.

Overview

umbrella.exe is malware that runs as a service under the name SProtection within the local user context. The file is digitally signed by Iminent which was issued by the GlobalSign nv-sa certificate authority (CA).

DetailsDetails

File name:umbrella.exe
Publisher:Iminent
Product name:Iminent Protection
Typical file path:C:\Program Files\common files\umbrella\umbrella.exe
File version:3.14.1.3
Size:2.67 MB (2,795,048 bytes)
Certificate
Issued to:Iminent
Authority (CA):GlobalSign nv-sa
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'SProtection'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.9.28 Adware.BGuard.20
Malwarebytes 1.75.0.1 PUP.Optional.Iminent
VIPRE Antivirus 25852 Iminent (fs)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 40.00%
Windows 7 Ultimate 30.00%
Windows Vista Home Premium 10.00%
Windows 8 Pro 10.00%
Microsoft Windows XP 10.00%

Distribution by countryDistribution by country

United States installs about 50.00% of Iminent Protection.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 40.00%
Toshiba 20.00%
Dell 20.00%
Acer 10.00%
Hewlett-Packard 10.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE