Driver Spools Exe
How to Deal with High CPU Usage Spoolsv.exe Problem. The spoolsv.exe executable file handles the printing process on a Microsoft Windows such as Driver Finder.
![driver spools exe](http://4.bp.blogspot.com/-4Pg1QGyMYZY/T8-TpaYLtQI/AAAAAAAAAEw/R-oLwiirHeE/s320/fallo-spoolsv-exe+(1).jpg)
![spools.exe and more](https://static.daniweb.com/icon.png)
- I have had a lot of trouble with spools.exe. I clean it off and it just keeps comming back. This computer, a Dell Dimension 3000, 1.5 GB RAM, sp2, had a lot of.
- Spoolsv.exe Win32/PePatch virus cannot be removed. Started by moomoosg, May 13 2009 AM. This topic is locked; 2 replies to this topic 1 moomoosg moomoosg.
- Spoolsv.exe and services.exe problem - solved; HP Support Forums. Join in the conversation. Search the Community note driver only, no bloated software.
Alright, hopefuly we got it now. :sweat: here is the two logs ya asked for.
ComboFix 08-06-04.5 - Santania Hone 2008-06-06 :57.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1127 GMT -
Running from: C: Documents and Settings Santania Hone Desktop ComboFix.exe
Command switches used :: C: Documents and Settings Santania Hone Desktop CFScript.txt
C: Documents and Settings Administrator ftp34.dll
C: Documents and Settings Santania Hone Application Data Microsoft Windows jidunji.exe
C: Documents and Settings Santania Hone ftp34.dll
C: Program Files Svconr Svconr.exe
C: WINDOWS system32 config systemprofile ftp34.dll
Files Created from 2008-05-06 to 2008-06-06
2008-06-04 . 2008-06-05 d--h----- C: AVG8.VAULT
2008-06-02 . 2008-06-02 96,520 --a------ C: WINDOWS system32 drivers avgldx86.sys
2008-06-02 . 2008-06-02 75,272 --a------ C: WINDOWS system32 drivers avgtdix.sys
2008-06-02 . 2008-06-02 10,520 --a------ C: WINDOWS system32 avgrsstx.dll
2008-06-02 . 2008-06-05 d-------- C: WINDOWS system32 drivers Avg
2008-06-02 . 2008-06-02 d-------- C: Program Files AVG
2008-06-02 . 2008-06-02 d-------- C: Documents and Settings All Users Application Data avg8
2008-06-01 . 2008-06-01 d-------- C: Program Files Trend Micro
2008-06-01 . 2008-06-01 d-------- C: WINDOWS ERUNT
2008-06-01 . 2008-06-01 812,344 --a------ C: analysethis.exe
2008-05-28 . 2008-05-28 54,156 --ah----- C: WINDOWS QTFont.qfn
2008-05-28 . 2008-05-28 1,409 --a------ C: WINDOWS QTFont.for
2008-05-26 . 2008-05-26 d-------- C: Deckard
2008-05-25 . 2008-05-25 d-------- C: backups
2008-05-24 . 2008-05-24 0 --a------ C: WINDOWS system32 drivers New Shortcut
2008-05-23 . 2008-05-23 d-------- C: Documents and Settings Santania Hone Application Data GlarySoft
2008-05-23 . 2008-05-23 d-------- C: Program Files Registry Repair
2008-05-23 . 2008-05-23 d-------- C: Program Files Spybot - Search Destroy
2008-05-23 . 2008-05-23 d-------- C: Documents and Settings All Users Application Data Spybot - Search Destroy
2008-05-21 . 2005-06-30 d-------- C: Documents and Settings Administrator Application Data Jasc Software Inc
2008-05-21 . 2008-06-04 d-------- C: Documents and Settings Administrator
2008-05-21 . 2008-06-02 d-------- C: Documents and Settings All Users Application Data Grisoft
2008-05-20 . 2008-05-20 d-------- C: Documents and Settings All Users Application Data MailFrontier
2008-05-20 . 2008-03-13 75,248 --a------ C: WINDOWS zllsputility.exe
2008-05-20 . 2008-05-20 4,212 --ah----- C: WINDOWS system32 zllictbl.dat
2008-05-20 . 2008-05-20 d-------- C: Program Files Zone Labs
2008-05-20 . 2008-06-06 d-------- C: WINDOWS Internet Logs
2008-05-20 . 2008-05-20 2 --a------ C: WINDOWS msoffice.ini
2008-05-20 . 2008-05-20 d-------- C: Program Files CCleaner
2008-05-20 . 2008-05-23 d-------- C: Program Files Common Files Wise Installation Wizard
2008-05-20 . 2008-05-20 444 --a------ C: WINDOWS system32 d3d8caps.dat
2008-05-13 . 2008-05-13 144 --a------ C: clean.bat
2008-05-13 . 2008-05-13 d-------- C: iSecurity
2008-05-13 . 2008-05-22 1,490,564 ---hs---- C: WINDOWS system32 2364800c__.ini
2008-06-02 --------- d-----w C: Program Files Abbyy FineReader 6.0 Sprint
2008-05-28 --------- d-----w C: Documents and Settings Santania Hone Application Data Apple Computer
2008-05-26 706,194 ----a-w C: WINDOWS Internet Logs tvDebug.zip
2008-05-23 --------- d-----w C: Program Files BFG
2008-05-21 --------- d-----w C: Program Files Common Files mwfo
2008-05-21 1,307,648 ----a-w C: WINDOWS Internet Logs xDB1.tmp
2008-05-20 --------- d-----w C: Program Files Common Files AOL
2008-05-20 --------- d-----w C: Documents and Settings All Users Application Data AOL
2008-05-09 0 --sha-w C: Documents and Settings Santania Hone Application Data 0000000000t.dat
2008-04-30 --------- d-----w C: Program Files iVideo
2008-04-17 --------- d-----w C: Documents and Settings Santania Hone Application Data Skype
2004-08-04 4,096 --sha-w C: WINDOWS system32 1112.dat
snapshot 2008-06-03_ 1.25.38.62
- 2008-06-03 :28 2,048 --s-a-w C: WINDOWS bootstat.dat
2008-06-06 :00 2,048 --s-a-w C: WINDOWS bootstat.dat
- 2008-03-14 :20 152,976 ----a-w C: WINDOWS system32 ZoneLabs lib licenseui.zip.dll
2008-06-03 :36 152,976 ----a-w C: WINDOWS system32 ZoneLabs lib licenseui.zip.dll
Note empty entries legit default entries are not shown
HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Run
ZoneAlarm Client C: Program Files Zone Labs ZoneAlarm zlclient.exe 2008-03-13 919016
AVG8_TRAY C: PROGRA 1 AVG AVG8 avgtray.exe 2008-06-02 1177368
HKEY_USERS. DEFAULT Software Microsoft Windows CurrentVersion RunOnce
FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe 2006-11-09 190072
C: Documents and Settings All Users Start Menu Programs Startup
dlbcserv.lnk - C: Program Files Dell Photo Printer 720 dlbcserv.exe 2005-07-05 :04 315392
HKEY_LOCAL_MACHINE software microsoft windows currentversion policies system
SynchronousMachineGroupPolicy 0 0x0
SynchronousUserGroupPolicy 0 0x0
HKEY_CURRENT_USER software microsoft windows currentversion policies explorer
HKEY_LOCAL_MACHINE software microsoft windows nt currentversion windows
HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup Kodak EasyShare software.lnk
backup C: WINDOWS pss Kodak EasyShare software.lnkCommon Startup
HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup KODAK Software Updater.lnk
path C: Documents and Settings All Users Start Menu Programs Startup KODAK Software Updater.lnk
backup C: WINDOWS pss KODAK Software Updater.lnkCommon Startup
HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup QuickBooks Update Agent.lnk
path C: Documents and Settings All Users Start Menu Programs Startup QuickBooks Update Agent.lnk
backup C: WINDOWS pss QuickBooks Update Agent.lnkCommon Startup
HKLM startupfolder C: Documents and Settings Santania Hone Start Menu Programs Startup LimeWire On Startup.lnk
backup C: WINDOWS pss LimeWire On Startup.lnkStartup
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg 948a3b90
C: WINDOWS system32 __c0084632.dat
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg autoload
C: Documents and Settings Santania Hone cftmon.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg DellTransferAgent
--a------ 2007-11-13 135168 C: Documents and Settings All Users Application Data Dell TransferAgent TransferAgent.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg H/PC Connection Agent
--a------ 2006-11-13 1289000 C: Program Files Microsoft ActiveSync wcescomm.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg JavaCore
C: Program Files JavaCore JavaCore.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Microsoft Windows Adapter 5.1.3214
C: Documents and Settings Santania Hone Application Data haigc.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg MSMSGS
--a------ 2004-10-13 1694208 C: Program Files Messenger msmsgs.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg mwfo
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg MySpaceIM
--a------ 2007-12-07 8720384 C: Program Files MySpace IM MySpaceIM.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg NoDNS
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg ntuser
C: WINDOWS system32 drivers spools.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg SfKg6wIP
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg SpeedRunner
C: Documents and Settings Santania Hone Application Data SpeedRunner SpeedRunner.exe
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Svconr
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Windows update loader
HKEY_LOCAL_MACHINE software microsoft shared tools msconfig services
Viewpoint Manager Service 2 0x2
HKEY_LOCAL_MACHINE software microsoft security center
FirewallOverride dword:00000001
HKEY_LOCAL_MACHINE software microsoft security center Monitoring ZoneLabsFirewall
DisableMonitoring dword:00000001
HKLM services sharedaccess parameters firewallpolicy standardprofile
HKLM services sharedaccess parameters firewallpolicy standardprofile AuthorizedApplications List
C: Program Files Messenger msmsgs.exe
C: Program Files Kodak Kodak EasyShare software bin EasyShare.exe
C: Program Files Kodak KODAK Software Updater 7288971 Program Kodak Software Updater.exe
C: Program Files Internet Explorer IEXPLORE.EXE
C: WINDOWS system32 lxczcoms.exe
C: Program Files Windows Media Player wmplayer.exe
C: Program Files Microsoft ActiveSync rapimgr.exe C: Program Files Microsoft ActiveSync rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
C: Program Files Microsoft ActiveSync wcescomm.exe C: Program Files Microsoft ActiveSync wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
C: Program Files Microsoft ActiveSync WCESMgr.exe C: Program Files Microsoft ActiveSync WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
C: Program Files MySpace IM MySpaceIM.exe
C: Program Files AVG AVG8 avgupd.exe
C: Program Files AVG AVG8 avgemc.exe
HKLM services sharedaccess parameters firewallpolicy standardprofile GloballyOpenPorts List
26675:TCP 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 AvgLdx86;AVG AVI Loader Driver x86;C: WINDOWS system32 Drivers avgldx86.sys 2008-06-02
R2 avg8emc;AVG8 E-mail Scanner;C: PROGRA 1 AVG AVG8 avgemc.exe 2008-06-02
R2 avg8wd;AVG8 WatchDog;C: PROGRA 1 AVG AVG8 avgwdsvc.exe 2008-06-02
R2 AvgTdiX;AVG8 Network Redirector;C: WINDOWS system32 Drivers avgtdix.sys 2008-06-02
S4 lxcz_device;lxcz_device;C: WINDOWS system32 lxczcoms.exe 2007-02-08
S4 Viewpoint Manager Service;Viewpoint Manager Service; C: Program Files Viewpoint Common ViewpointService.exe 2007-01-04
HKEY_CURRENT_USER software microsoft windows currentversion explorer mountpoints2 702fe55c-267d-11dd-9e9d-d844b196e38d
Shell AutoRun command - C: WINDOWS system32 RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
HKEY_CURRENT_USER software microsoft windows currentversion explorer mountpoints2 db92399c-2747-11dd-9ea7-0013205ae6b3
Contents of the Scheduled Tasks folder
2008-03-08 :01 C: WINDOWS Tasks McAfee.com Scan for Viruses - My Computer HONE-Tania. job
- c: program files mcafee.com vso mcmnhdlr.exe
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden autostart entries
------------------------ Other Running Processes ------------------------
C: WINDOWS system32 ZoneLabs vsmon.exe
C: WINDOWS system32 LEXBCES.EXE
C: WINDOWS system32 LEXPPS.EXE
C: Program Files AVG AVG8 avgrsx.exe
Completion time: 2008-06-06 :43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-06 :38
Pre-Run: 60,350,275,584 bytes free
Post-Run: 60,328,120,320 bytes free
204 --- E O F --- 2008-05-22 :01
-------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at :15 AM, on 6/6/2008
Platform: Windows XP SP2 WinNT 5.01.2600
MSIE: Internet Explorer v6.00 SP2 6.00.2900.2180
C: WINDOWS system32 winlogon.exe
C: WINDOWS system32 services.exe
C: WINDOWS system32 svchost.exe
C: WINDOWS System32 svchost.exe
C: WINDOWS system32 spoolsv.exe
C: PROGRA 1 AVG AVG8 avgwdsvc.exe
C: PROGRA 1 AVG AVG8 avgemc.exe
C: Program Files Zone Labs ZoneAlarm zlclient.exe
C: PROGRA 1 AVG AVG8 avgtray.exe
C: Program Files Dell Photo Printer 720 dlbcserv.exe
C: WINDOWS system32 wuauclt.exe
C: Program Files Trend Micro HijackThis HijackThis.exe
R1 - HKLM Software Microsoft Internet Explorer Main,Default_Page_URL 69157
R1 - HKLM Software Microsoft Internet Explorer Main,Default_Search_URL 54896
R1 - HKLM Software Microsoft Internet Explorer Main,Search Page 54896
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - 3CA2F312-6F6E-4B53-A66E-4E65E497C8C0 - C: Program Files AVG AVG8 avgssie.dll
O4 - HKLM. . Run: ZoneAlarm Client C: Program Files Zone Labs ZoneAlarm zlclient.exe
O4 - HKLM. . Run: AVG8_TRAY C: PROGRA 1 AVG AVG8 avgtray.exe
O4 - HKLM. . Run: MSConfig C: WINDOWS pchealth helpctr Binaries MSCONFIG.EXE /auto
O4 - HKCU. . Run: Windows update loader C: Windows xpupdate.exe
O4 - HKCU. . Run: Svconr C: Program Files Svconr Svconr.exe
O4 - HKCU. . Run: SpeedRunner C: Documents and Settings Santania Hone Application Data SpeedRunner SpeedRunner.exe
O4 - HKCU. . Run: SfKg6wIP C: Documents and Settings Santania Hone Application Data Microsoft Windows jidunji.exe
O4 - HKCU. . Run: ntuser C: WINDOWS system32 drivers spools.exe
O4 - HKCU. . Run: MySpaceIM C: Program Files MySpace IM MySpaceIM.exe
O4 - HKCU. . Run: MSMSGS C: Program Files Messenger msmsgs.exe /background
O4 - HKCU. . Run: Microsoft Windows Adapter 5.1.3214 C: Documents and Settings Santania Hone Application Data haigc.exe
O4 - HKCU. . Run: JavaCore C: Program Files JavaCore JavaCore.exe
O4 - HKCU. . Run: H/PC Connection Agent C: Program Files Microsoft ActiveSync wcescomm.exe
O4 - HKCU. . Run: DellTransferAgent C: Documents and Settings All Users Application Data Dell TransferAgent TransferAgent.exe
O4 - HKCU. . Run: autoload C: Documents and Settings Santania Hone cftmon.exe
O4 - HKCU. . Run: 948a3b90 rundll32.exe C: WINDOWS system32 __c0084632.dat, b
O4 - HKUS S-1-5-18. . RunOnce: FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe User SYSTEM
O4 - HKUS. DEFAULT. . RunOnce: FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe User Default user
O4 - Global Startup: dlbcserv.lnk C: Program Files Dell Photo Printer 720 dlbcserv.exe
O4 - Global Startup: KODAK Software Updater.lnk C: Program Files Kodak KODAK Software Updater 7288971 Program Kodak Software Updater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk C: Program Files Common Files Intuit QuickBooks QBUpdate qbupdate.exe
O9 - Extra button: no name - 08B0E5C0-4FCB-11CF-AAA5-00401C608501 - C: Program Files Java j2re1.4.2_03 bin npjpi142_03.dll
O9 - Extra Tools menuitem: Sun Java Console - 08B0E5C0-4FCB-11CF-AAA5-00401C608501 - C: Program Files Java j2re1.4.2_03 bin npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - 2EAF5BB1-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll
O9 - Extra button: no name - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll
O9 - Extra Tools menuitem: Create Mobile Favorite - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll
O9 - Extra button: Real.com - CD67F990-D8E9-11d2-98FE-00C0F0318AFE - C: WINDOWS system32 Shdocvw.dll
O18 - Protocol: linkscanner - F274614C-63F8-47D5-A4D1-FBDDE494F8D1 - C: Program Files AVG AVG8 avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner avg8emc - AVG Technologies CZ, s.r.o. - C: PROGRA 1 AVG AVG8 avgemc.exe
O23 - Service: AVG8 WatchDog avg8wd - AVG Technologies CZ, s.r.o. - C: PROGRA 1 AVG AVG8 avgwdsvc.exe
O23 - Service: Kodak Camera Connection Software KodakCCS - Eastman Kodak Company - C: WINDOWS system32 drivers KodakCCS.exe
O23 - Service: LexBce Server LexBceS - Lexmark International, Inc. - C: WINDOWS system32 LEXBCES.EXE
O23 - Service: Intel NCS NetService NetSvc - Intel R Corporation - C: Program Files Intel PROSetWired NCS Sync NetSvc.exe
O23 - Service: TrueVector Internet Monitor vsmon - Zone Labs, LLC - C: WINDOWS system32 ZoneLabs vsmon.exe
----------------------------------------------------------------------------------------------------
Just let me know what else may need done :icon_smile: crunchie 990 7 Years Ago
Can you please do the following.
Scan with HijackThis and then place a check next to all the following, if present:
Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click Fix checked.
Locate and delete the following item s, if present. Make sure you are able to view system and hidden files/ folders:
Note that some of these file s /folder s may or may not be present. If present, and cannot be deleted because they re in use, try deleting them in Safe Mode by doing the following:
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear.
Select the first option to run Windows in Safe Mode hit enter.
After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now. Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago
I looked for EVERYTHING tha you wanted me to. I didn t find NONE of them. All the hidden files and folders and system folders are enabled to be viewed. I m confused. After enabeling all files and folders I did find a Zango Toolbar folder in program files. I deleted that folder before I went searching for all tha ya wanted me to. Maybe all that bad stuff was in it Here is a new HijackThis log.
Scan saved at :05 PM, on 6/7/2008
C: PROGRA 1 AVG AVG8 avgrsx.exe
Let me know what ya think, please. Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago
I have used ZA before and found it to be too annoying with it s pop ups. It was also very difficult to remove. Comodo has great reviews also.
Certain entries in the log, or symptoms on the pc tell which tool to run. Something which one hopefully gets to recognise over time :D.
Spyware blaster is only run in order to update. It adds entries to the registry to prevent certain unwelcome visitors from entering. Once updated and you have enabled all protection, you simply shut it down.
Let s get rid of Combofix now that we are finished with it. Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
When shown the disclaimer, Select 2
The above procedure will: Delete the following: ComboFix and its associated files and folders.
The C: Deckard folder, if present
The C:_OtMoveIt folder, if present
Hide file extensions, if required.
Hide System/Hidden files, if required.
Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago poeg 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago
Question Answered 7 Years Ago by
What is spools.exe?
![driver spools exe](http://2.bp.blogspot.com/-3utg8mJQlp4/T8-TqRaIZ9I/AAAAAAAAAE4/XXVJ4kjr5cM/s1600/fallo-spoolsv-exe+%25282%2529.jpg)
Purpose: spools.exe - Harmful trojan horse program. May cause system errors to pop up, listing the file spools.exe in the dialog. Remove immediately.
The process known as Setup/Uninstall appears to belong to software MetaFrame Presentation Server or 45fdf rfgf by 589ukjh.
Description: Spools.exe is not essential for Windows and will often cause problems. The file spools.exe is located in the C: Windows System32 drivers folder.
Known file sizes on Windows 10/8/7/XP are 28,160 bytes 7 of all occurrences, 13,312 bytes and 54 more variants.
The file is a file with no information about its developer. It is not a Windows core file. The program starts when Windows starts see Registry key: MACHINE Run, Run, DEFAULT Run, exefile, MACHINE RunServices.
The program has no visible window. Spools.exe is an unknown file in the Windows folder.
Spools.exe is able to record keyboard and mouse inputs and monitor applications.
Therefore the technical security rating is 91 dangerous; however you should also read the user reviews.
If you want to remove the program completely, go to Control Panel Software Gehalt Lohn 2005 or Adobe Acrobat.
Recommended: Identify spools.exe related errors
If spools.exe is located in the C: Windows System32 folder, the security rating is 82 dangerous. The file size is 671,232 bytes 26 of all occurrences, 2,125,312 bytes and 8 more variants.
The spools.exe file is a file with no information about its developer. The file is not a Windows system file. The program is not visible. The spools.exe file is an unknown file in the Windows folder. The process uses ports to connect to or from a LAN or the Internet. The process starts upon Windows startup see Registry key: MACHINE Run, Run, DEFAULT Run, exefile, MACHINE RunServices.
Spools.exe is able to hide itself, record keyboard and mouse inputs, monitor applications and manipulate other programs.
If spools.exe is located in a subfolder of C: Program Files, the security rating is 74 dangerous. The file size is 610,816 bytes.
Spools.exe is a file with no information about its developer. The program has no visible window. The application uses ports to connect to or from a LAN or the Internet. The file is not a Windows system file.
Spools.exe is able to hide itself.
External information from Paul Collins:
There are different files with the same name:
Microsoft Windows Update definitely not required. Added by the SDBOT.TD WORM.
Print Spooler definitely not required. Added by the RBOT-LD WORM.
Important: Some malware also uses the file name spools.exe, for example TROJ_RENOS.AFA or TROJ_SMALL.KFO detected by TrendMicro, and Trojan.Win32.FraudPack.gen or Trojan-Downloader.Win32.Small.vrv detected by Kaspersky. Therefore, you should check the spools.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer s security. This was one of the Top Download Picks of The Washington Post and PC World.
Best practices for resolving spools issues
A clean and tidy computer is the key requirement for avoiding problems with spools. This means running a scan for malware, cleaning your hard drive using cleanmgr and sfc /scannow, uninstalling programs that you no longer need, checking for Autostart programs using msconfig and enabling Windows Automatic Update. Always remember to perform periodic backups, or at least to set restore points.
Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.
To help you analyze the spools.exe process on your computer, the following programs have proven to be helpful: Security Task Manager displays all running Windows tasks, including embedded hidden processes, such as keyboard and browser monitoring or Autostart entries. A unique security risk rating indicates the likelihood of the process being potential spyware, malware or a Trojan. Malwarebytes Anti-Malware detects and removes sleeping spyware, adware, Trojans, keyloggers, malware and trackers from your hard drive.
mcpcore.dll context.dll gregsvc.exe spools.exe mfc42loc.dll r3hook.dll oem02mon.exe jsloader.dll enodpl.sys dapbho.dll acu.exe all.