Remove %PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE malware

%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE Malware Removal Guide

Manual removal instructions:

Antivirus Report of %PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE:
%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE Malware
%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXEDangerous
%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXEHigh Risk
%program files%\upaurorabrowser\upaurora.exe
Full path on a computer: %PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE
Autostart registry keys:
HKLM\Software\Clients\StartMenuInternet\UpAurora.exe
HKLM\Software\Clients\StartMenuInternet\UpAurora.exe\shell
HKLM\Software\Clients\StartMenuInternet\UpAurora.exe\shell\open
HKLM\Software\Clients\StartMenuInternet\UpAurora.exe\shell\open\command
HKLM\SOFTWARE\CLASSES\UPAURORACHPROGID\SHELL\OPEN\COMMAND\: ""%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE" "%1""
HKLM\SOFTWARE\CLASSES\UPAURORACHPROGID\DEFAULTICON\: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE,1"
HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\UPAURORA.EXE\SHELL\OPEN\COMMAND\: ""%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE""
HKLM\Software\Clients\StartMenuInternet\UpAurora.exe\LocalizedString: 55 70 41 75 72 6F 72 61 00 13
HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\UPAURORABROWSER.EXE\SHELL\OPEN\COMMAND\: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\UPAURORABROWSER.EXE\: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{2824E308-CEAC-4841-9E17-A9076365CFD7}\DISPLAYICON: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE"
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION\UpAurora.exe: 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG\UpAurora.exe: 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\UpAurora.exe: 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING_V2\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT\UpAurora.exe: 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\UpAurora.exe: 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TABBED_BROWSING\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS\UpAurora.exe: 0x00000001
HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION\UpAurora.exe: 0x00000001
HKLM\SOFTWARE\CLASSES\HTMLFILE\DEFAULTICON\: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE,1"
HKLM\SOFTWARE\CLASSES\HTMLFILE\SHELL\OPEN\COMMAND\: ""%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE" "%1""
HKLM\SOFTWARE\CLASSES\MHTMLFILE\DEFAULTICON\: "%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE,1"
HKLM\SOFTWARE\CLASSES\MHTMLFILE\SHELL\OPEN\COMMAND\: ""%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE" "%1""
HKLM\Software\Clients\StartMenuInternet\: "UpAurora.exe"
HKLM\Software\Microsoft\Direct3D\MostRecentApplication\Name: "UpAurora.exe"
HKLM\Software\Microsoft\DirectDraw\MostRecentApplication\Name: "UpAurora.exe"
Related Files:
%PROGRAM FILES%\UPAURORABROWSER\INSTALLER\UNINST.EXE
%PROGRAM FILES%\UPAURORABROWSER\INSTALLER\UPAURORAKERNELSERVICE.EXE
%PROGRAM FILES%\UPAURORABROWSER\UPAURORA.EXE
%PROGRAM FILES%\UPAURORABROWSER\USER_CACHE\COOKIES\DEFAULT\INDEX.DAT
%PROGRAM FILES%\UPAURORABROWSER\USER_CACHE\TEMPORARY\DEFAULT\ANTIPHISHING\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.DAT

The file UPAURORA.EXE is malware related.
You must delete the file UPAURORA.EXE immediately!
Delete the file UPAURORA.EXE without delay!
Kill the process UPAURORA.EXE and remove UPAURORA.EXE from the Windows startup.
UPAURORA.EXE is related to: PE:Malware.Generic(Thunder)!1.A1C4 [F], UPAURORA.EXE.
Virustotal = 4/55
MD5 = 907D5692B63481DFED9BB1E8E7A0A27A
File Size: 4191280

Remove UPAURORA.EXE now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.