NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Puregirls. Description and removal instructions

 
Title: Puregirls
 Also known as: Gurepirls
Type: Trojans
Severity scale:Puregirls severity is 55  (55 / 100)
 
Puregirls, also known as Gurepirls, is a trojan that steals e-mail addresses from a compromised computer and uses them to register the victim for a pornographic service without his or her knowledge and consent. Once executed, the parasite gathers e-mail addresses and current mail configuration details and sends collected data to a predetermined web site. Then it registers the user and continuously displays a message in Japanese asking the victim to pay a fee for a pornographic service. Puregirls automatically runs as a system service on every Windows startup.

FORUM:
Discuss Puregirls in
spyware removal forum

Puregirls properties:
• Shows commercial adverts
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Puregirls removal:

remover for Puregirls

Puregirls manual removal:

Kill processes:
aclservice.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AclService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AclService
HKEY_CLASSES_ROOT\ACL.AclCtrl.1
HKEY_CLASSES_ROOT\AppID\aclservice.exe
HKEY_CLASSES_ROOT\AppID\{ADF47FB7-7FE7-4229-BA1F-19C6B7D936A1}
HKEY_CLASSES_ROOT\CLSID\{1B4066DD-C7E6-426D-BDD5-458954FE51FF}
HKEY_CLASSES_ROOT\CLSID\{A12A4BD2-9A1E-4536-A9C7-202A7F13ADCC}
HKEY_CLASSES_ROOT\Interface\{1D7BA44B-FBB4-4D6F-BC74-0917DAD0C605}
HKEY_CLASSES_ROOT\Interface\{65E32B18-9689-4D58-B891-56E7CE65C6C0}
HKEY_CLASSES_ROOT\TypeLib\{049FD307-FB79-489F-8AB4-4FC73A1F59B5}
HKEY_CLASSES_ROOT\TypeLib\{4FE80730-2A8B-4E96-BF40-D73FE8DAF980}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\%System%/aclservice.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\%System%/acl.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\%System%/acl.bmp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1B4066DD-C7E6-426D-BDD5-458954FE51FF}
HKEY_LOCAL_MACHINE\SOFTWARE\puregirls.tv
HELP:
how to remove registry entries

Delete files:
aclservice.exe, acl.ocx, acl.bmp
HELP:
how to remove harmful files

Misc:
The trojan is related to the www.puregirls.tv web site.

Most Puregirls files can be found in default system directory, which is C:\Windows\System32 or C:\Winnt\System32.

Other programs to remove Puregirls:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 07/12/05
Information updated: 07/12/05

Additional resources related to Puregirls:

Attention: If you know or you have a website or page about Puregirls removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Puregirls parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.