Driver Spools Exe

How to Deal with High CPU Usage Spoolsv.exe Problem. The spoolsv.exe executable file handles the printing process on a Microsoft Windows such as Driver Finder.

driver spools exe spools.exe and more
  • I have had a lot of trouble with spools.exe. I clean it off and it just keeps comming back. This computer, a Dell Dimension 3000, 1.5 GB RAM, sp2, had a lot of.
  • Spoolsv.exe Win32/PePatch virus cannot be removed. Started by moomoosg, May 13 2009 AM. This topic is locked; 2 replies to this topic 1 moomoosg moomoosg.
  • Spoolsv.exe and services.exe problem - solved; HP Support Forums. Join in the conversation. Search the Community note driver only, no bloated software.

Alright, hopefuly we got it now. :sweat: here is the two logs ya asked for.

ComboFix 08-06-04.5 - Santania Hone 2008-06-06 :57.4 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1127 GMT -

Running from: C: Documents and Settings Santania Hone Desktop ComboFix.exe

Command switches used :: C: Documents and Settings Santania Hone Desktop CFScript.txt

C: Documents and Settings Administrator ftp34.dll

C: Documents and Settings Santania Hone Application Data Microsoft Windows jidunji.exe

C: Documents and Settings Santania Hone ftp34.dll

C: Program Files Svconr Svconr.exe

C: WINDOWS system32 config systemprofile ftp34.dll

Files Created from 2008-05-06 to 2008-06-06

2008-06-04 . 2008-06-05 d--h----- C: AVG8.VAULT

2008-06-02 . 2008-06-02 96,520 --a------ C: WINDOWS system32 drivers avgldx86.sys

2008-06-02 . 2008-06-02 75,272 --a------ C: WINDOWS system32 drivers avgtdix.sys

2008-06-02 . 2008-06-02 10,520 --a------ C: WINDOWS system32 avgrsstx.dll

2008-06-02 . 2008-06-05 d-------- C: WINDOWS system32 drivers Avg

2008-06-02 . 2008-06-02 d-------- C: Program Files AVG

2008-06-02 . 2008-06-02 d-------- C: Documents and Settings All Users Application Data avg8

2008-06-01 . 2008-06-01 d-------- C: Program Files Trend Micro

2008-06-01 . 2008-06-01 d-------- C: WINDOWS ERUNT

2008-06-01 . 2008-06-01 812,344 --a------ C: analysethis.exe

2008-05-28 . 2008-05-28 54,156 --ah----- C: WINDOWS QTFont.qfn

2008-05-28 . 2008-05-28 1,409 --a------ C: WINDOWS QTFont.for

2008-05-26 . 2008-05-26 d-------- C: Deckard

2008-05-25 . 2008-05-25 d-------- C: backups

2008-05-24 . 2008-05-24 0 --a------ C: WINDOWS system32 drivers New Shortcut

2008-05-23 . 2008-05-23 d-------- C: Documents and Settings Santania Hone Application Data GlarySoft

2008-05-23 . 2008-05-23 d-------- C: Program Files Registry Repair

2008-05-23 . 2008-05-23 d-------- C: Program Files Spybot - Search Destroy

2008-05-23 . 2008-05-23 d-------- C: Documents and Settings All Users Application Data Spybot - Search Destroy

2008-05-21 . 2005-06-30 d-------- C: Documents and Settings Administrator Application Data Jasc Software Inc

2008-05-21 . 2008-06-04 d-------- C: Documents and Settings Administrator

2008-05-21 . 2008-06-02 d-------- C: Documents and Settings All Users Application Data Grisoft

2008-05-20 . 2008-05-20 d-------- C: Documents and Settings All Users Application Data MailFrontier

2008-05-20 . 2008-03-13 75,248 --a------ C: WINDOWS zllsputility.exe

2008-05-20 . 2008-05-20 4,212 --ah----- C: WINDOWS system32 zllictbl.dat

2008-05-20 . 2008-05-20 d-------- C: Program Files Zone Labs

2008-05-20 . 2008-06-06 d-------- C: WINDOWS Internet Logs

2008-05-20 . 2008-05-20 2 --a------ C: WINDOWS msoffice.ini

2008-05-20 . 2008-05-20 d-------- C: Program Files CCleaner

2008-05-20 . 2008-05-23 d-------- C: Program Files Common Files Wise Installation Wizard

2008-05-20 . 2008-05-20 444 --a------ C: WINDOWS system32 d3d8caps.dat

2008-05-13 . 2008-05-13 144 --a------ C: clean.bat

2008-05-13 . 2008-05-13 d-------- C: iSecurity

2008-05-13 . 2008-05-22 1,490,564 ---hs---- C: WINDOWS system32 2364800c__.ini

2008-06-02 --------- d-----w C: Program Files Abbyy FineReader 6.0 Sprint

2008-05-28 --------- d-----w C: Documents and Settings Santania Hone Application Data Apple Computer

2008-05-26 706,194 ----a-w C: WINDOWS Internet Logs tvDebug.zip

2008-05-23 --------- d-----w C: Program Files BFG

2008-05-21 --------- d-----w C: Program Files Common Files mwfo

2008-05-21 1,307,648 ----a-w C: WINDOWS Internet Logs xDB1.tmp

2008-05-20 --------- d-----w C: Program Files Common Files AOL

2008-05-20 --------- d-----w C: Documents and Settings All Users Application Data AOL

2008-05-09 0 --sha-w C: Documents and Settings Santania Hone Application Data 0000000000t.dat

2008-04-30 --------- d-----w C: Program Files iVideo

2008-04-17 --------- d-----w C: Documents and Settings Santania Hone Application Data Skype

2004-08-04 4,096 --sha-w C: WINDOWS system32 1112.dat

snapshot 2008-06-03_ 1.25.38.62

- 2008-06-03 :28 2,048 --s-a-w C: WINDOWS bootstat.dat

2008-06-06 :00 2,048 --s-a-w C: WINDOWS bootstat.dat

- 2008-03-14 :20 152,976 ----a-w C: WINDOWS system32 ZoneLabs lib licenseui.zip.dll

2008-06-03 :36 152,976 ----a-w C: WINDOWS system32 ZoneLabs lib licenseui.zip.dll

Note empty entries legit default entries are not shown

HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Run

ZoneAlarm Client C: Program Files Zone Labs ZoneAlarm zlclient.exe 2008-03-13 919016

AVG8_TRAY C: PROGRA 1 AVG AVG8 avgtray.exe 2008-06-02 1177368

HKEY_USERS. DEFAULT Software Microsoft Windows CurrentVersion RunOnce

FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe 2006-11-09 190072

C: Documents and Settings All Users Start Menu Programs Startup

dlbcserv.lnk - C: Program Files Dell Photo Printer 720 dlbcserv.exe 2005-07-05 :04 315392

HKEY_LOCAL_MACHINE software microsoft windows currentversion policies system

SynchronousMachineGroupPolicy 0 0x0

SynchronousUserGroupPolicy 0 0x0

HKEY_CURRENT_USER software microsoft windows currentversion policies explorer

HKEY_LOCAL_MACHINE software microsoft windows nt currentversion windows

HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup Kodak EasyShare software.lnk

backup C: WINDOWS pss Kodak EasyShare software.lnkCommon Startup

HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup KODAK Software Updater.lnk

path C: Documents and Settings All Users Start Menu Programs Startup KODAK Software Updater.lnk

backup C: WINDOWS pss KODAK Software Updater.lnkCommon Startup

HKLM startupfolder C: Documents and Settings All Users Start Menu Programs Startup QuickBooks Update Agent.lnk

path C: Documents and Settings All Users Start Menu Programs Startup QuickBooks Update Agent.lnk

backup C: WINDOWS pss QuickBooks Update Agent.lnkCommon Startup

HKLM startupfolder C: Documents and Settings Santania Hone Start Menu Programs Startup LimeWire On Startup.lnk

backup C: WINDOWS pss LimeWire On Startup.lnkStartup

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg 948a3b90

C: WINDOWS system32 __c0084632.dat

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg autoload

C: Documents and Settings Santania Hone cftmon.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg DellTransferAgent

--a------ 2007-11-13 135168 C: Documents and Settings All Users Application Data Dell TransferAgent TransferAgent.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg H/PC Connection Agent

--a------ 2006-11-13 1289000 C: Program Files Microsoft ActiveSync wcescomm.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg JavaCore

C: Program Files JavaCore JavaCore.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Microsoft Windows Adapter 5.1.3214

C: Documents and Settings Santania Hone Application Data haigc.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg MSMSGS

--a------ 2004-10-13 1694208 C: Program Files Messenger msmsgs.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg mwfo

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg MySpaceIM

--a------ 2007-12-07 8720384 C: Program Files MySpace IM MySpaceIM.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg NoDNS

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg ntuser

C: WINDOWS system32 drivers spools.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg SfKg6wIP

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg SpeedRunner

C: Documents and Settings Santania Hone Application Data SpeedRunner SpeedRunner.exe

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Svconr

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig startupreg Windows update loader

HKEY_LOCAL_MACHINE software microsoft shared tools msconfig services

Viewpoint Manager Service 2 0x2

HKEY_LOCAL_MACHINE software microsoft security center

FirewallOverride dword:00000001

HKEY_LOCAL_MACHINE software microsoft security center Monitoring ZoneLabsFirewall

DisableMonitoring dword:00000001

HKLM services sharedaccess parameters firewallpolicy standardprofile

HKLM services sharedaccess parameters firewallpolicy standardprofile AuthorizedApplications List

C: Program Files Messenger msmsgs.exe

C: Program Files Kodak Kodak EasyShare software bin EasyShare.exe

C: Program Files Kodak KODAK Software Updater 7288971 Program Kodak Software Updater.exe

C: Program Files Internet Explorer IEXPLORE.EXE

C: WINDOWS system32 lxczcoms.exe

C: Program Files Windows Media Player wmplayer.exe

C: Program Files Microsoft ActiveSync rapimgr.exe C: Program Files Microsoft ActiveSync rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

C: Program Files Microsoft ActiveSync wcescomm.exe C: Program Files Microsoft ActiveSync wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

C: Program Files Microsoft ActiveSync WCESMgr.exe C: Program Files Microsoft ActiveSync WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

C: Program Files MySpace IM MySpaceIM.exe

C: Program Files AVG AVG8 avgupd.exe

C: Program Files AVG AVG8 avgemc.exe

HKLM services sharedaccess parameters firewallpolicy standardprofile GloballyOpenPorts List

26675:TCP 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 AvgLdx86;AVG AVI Loader Driver x86;C: WINDOWS system32 Drivers avgldx86.sys 2008-06-02

R2 avg8emc;AVG8 E-mail Scanner;C: PROGRA 1 AVG AVG8 avgemc.exe 2008-06-02

R2 avg8wd;AVG8 WatchDog;C: PROGRA 1 AVG AVG8 avgwdsvc.exe 2008-06-02

R2 AvgTdiX;AVG8 Network Redirector;C: WINDOWS system32 Drivers avgtdix.sys 2008-06-02

S4 lxcz_device;lxcz_device;C: WINDOWS system32 lxczcoms.exe 2007-02-08

S4 Viewpoint Manager Service;Viewpoint Manager Service; C: Program Files Viewpoint Common ViewpointService.exe 2007-01-04

HKEY_CURRENT_USER software microsoft windows currentversion explorer mountpoints2 702fe55c-267d-11dd-9e9d-d844b196e38d

Shell AutoRun command - C: WINDOWS system32 RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

HKEY_CURRENT_USER software microsoft windows currentversion explorer mountpoints2 db92399c-2747-11dd-9ea7-0013205ae6b3

Contents of the Scheduled Tasks folder

2008-03-08 :01 C: WINDOWS Tasks McAfee.com Scan for Viruses - My Computer HONE-Tania. job

- c: program files mcafee.com vso mcmnhdlr.exe

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden autostart entries

------------------------ Other Running Processes ------------------------

C: WINDOWS system32 ZoneLabs vsmon.exe

C: WINDOWS system32 LEXBCES.EXE

C: WINDOWS system32 LEXPPS.EXE

C: Program Files AVG AVG8 avgrsx.exe

Completion time: 2008-06-06 :43 - machine was rebooted

ComboFix-quarantined-files.txt 2008-06-06 :38

Pre-Run: 60,350,275,584 bytes free

Post-Run: 60,328,120,320 bytes free

204 --- E O F --- 2008-05-22 :01

-------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at :15 AM, on 6/6/2008

Platform: Windows XP SP2 WinNT 5.01.2600

MSIE: Internet Explorer v6.00 SP2 6.00.2900.2180

C: WINDOWS system32 winlogon.exe

C: WINDOWS system32 services.exe

C: WINDOWS system32 svchost.exe

C: WINDOWS System32 svchost.exe

C: WINDOWS system32 spoolsv.exe

C: PROGRA 1 AVG AVG8 avgwdsvc.exe

C: PROGRA 1 AVG AVG8 avgemc.exe

C: Program Files Zone Labs ZoneAlarm zlclient.exe

C: PROGRA 1 AVG AVG8 avgtray.exe

C: Program Files Dell Photo Printer 720 dlbcserv.exe

C: WINDOWS system32 wuauclt.exe

C: Program Files Trend Micro HijackThis HijackThis.exe

R1 - HKLM Software Microsoft Internet Explorer Main,Default_Page_URL 69157

R1 - HKLM Software Microsoft Internet Explorer Main,Default_Search_URL 54896

R1 - HKLM Software Microsoft Internet Explorer Main,Search Page 54896

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - 3CA2F312-6F6E-4B53-A66E-4E65E497C8C0 - C: Program Files AVG AVG8 avgssie.dll

O4 - HKLM. . Run: ZoneAlarm Client C: Program Files Zone Labs ZoneAlarm zlclient.exe

O4 - HKLM. . Run: AVG8_TRAY C: PROGRA 1 AVG AVG8 avgtray.exe

O4 - HKLM. . Run: MSConfig C: WINDOWS pchealth helpctr Binaries MSCONFIG.EXE /auto

O4 - HKCU. . Run: Windows update loader C: Windows xpupdate.exe

O4 - HKCU. . Run: Svconr C: Program Files Svconr Svconr.exe

O4 - HKCU. . Run: SpeedRunner C: Documents and Settings Santania Hone Application Data SpeedRunner SpeedRunner.exe

O4 - HKCU. . Run: SfKg6wIP C: Documents and Settings Santania Hone Application Data Microsoft Windows jidunji.exe

O4 - HKCU. . Run: ntuser C: WINDOWS system32 drivers spools.exe

O4 - HKCU. . Run: MySpaceIM C: Program Files MySpace IM MySpaceIM.exe

O4 - HKCU. . Run: MSMSGS C: Program Files Messenger msmsgs.exe /background

O4 - HKCU. . Run: Microsoft Windows Adapter 5.1.3214 C: Documents and Settings Santania Hone Application Data haigc.exe

O4 - HKCU. . Run: JavaCore C: Program Files JavaCore JavaCore.exe

O4 - HKCU. . Run: H/PC Connection Agent C: Program Files Microsoft ActiveSync wcescomm.exe

O4 - HKCU. . Run: DellTransferAgent C: Documents and Settings All Users Application Data Dell TransferAgent TransferAgent.exe

O4 - HKCU. . Run: autoload C: Documents and Settings Santania Hone cftmon.exe

O4 - HKCU. . Run: 948a3b90 rundll32.exe C: WINDOWS system32 __c0084632.dat, b

O4 - HKUS S-1-5-18. . RunOnce: FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe User SYSTEM

O4 - HKUS. DEFAULT. . RunOnce: FlashPlayerUpdate C: WINDOWS system32 Macromed Flash FlashUtil9b.exe User Default user

O4 - Global Startup: dlbcserv.lnk C: Program Files Dell Photo Printer 720 dlbcserv.exe

O4 - Global Startup: KODAK Software Updater.lnk C: Program Files Kodak KODAK Software Updater 7288971 Program Kodak Software Updater.exe

O4 - Global Startup: QuickBooks Update Agent.lnk C: Program Files Common Files Intuit QuickBooks QBUpdate qbupdate.exe

O9 - Extra button: no name - 08B0E5C0-4FCB-11CF-AAA5-00401C608501 - C: Program Files Java j2re1.4.2_03 bin npjpi142_03.dll

O9 - Extra Tools menuitem: Sun Java Console - 08B0E5C0-4FCB-11CF-AAA5-00401C608501 - C: Program Files Java j2re1.4.2_03 bin npjpi142_03.dll

O9 - Extra button: Create Mobile Favorite - 2EAF5BB1-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll

O9 - Extra button: no name - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll

O9 - Extra Tools menuitem: Create Mobile Favorite - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - C: PROGRA 1 MICROS 4 INetRepl.dll

O9 - Extra button: Real.com - CD67F990-D8E9-11d2-98FE-00C0F0318AFE - C: WINDOWS system32 Shdocvw.dll

O18 - Protocol: linkscanner - F274614C-63F8-47D5-A4D1-FBDDE494F8D1 - C: Program Files AVG AVG8 avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: AVG8 E-mail Scanner avg8emc - AVG Technologies CZ, s.r.o. - C: PROGRA 1 AVG AVG8 avgemc.exe

O23 - Service: AVG8 WatchDog avg8wd - AVG Technologies CZ, s.r.o. - C: PROGRA 1 AVG AVG8 avgwdsvc.exe

O23 - Service: Kodak Camera Connection Software KodakCCS - Eastman Kodak Company - C: WINDOWS system32 drivers KodakCCS.exe

O23 - Service: LexBce Server LexBceS - Lexmark International, Inc. - C: WINDOWS system32 LEXBCES.EXE

O23 - Service: Intel NCS NetService NetSvc - Intel R Corporation - C: Program Files Intel PROSetWired NCS Sync NetSvc.exe

O23 - Service: TrueVector Internet Monitor vsmon - Zone Labs, LLC - C: WINDOWS system32 ZoneLabs vsmon.exe

----------------------------------------------------------------------------------------------------

Just let me know what else may need done :icon_smile: crunchie 990 7 Years Ago

Can you please do the following.

Scan with HijackThis and then place a check next to all the following, if present:

Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click Fix checked.

Locate and delete the following item s, if present. Make sure you are able to view system and hidden files/ folders:

Note that some of these file s /folder s may or may not be present. If present, and cannot be deleted because they re in use, try deleting them in Safe Mode by doing the following:

After hearing your computer beep once during startup, but before the Windows icon appears, press F8.

Instead of Windows loading as normal, a menu should appear.

Select the first option to run Windows in Safe Mode hit enter.

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now. Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago

I looked for EVERYTHING tha you wanted me to. I didn t find NONE of them. All the hidden files and folders and system folders are enabled to be viewed. I m confused. After enabeling all files and folders I did find a Zango Toolbar folder in program files. I deleted that folder before I went searching for all tha ya wanted me to. Maybe all that bad stuff was in it Here is a new HijackThis log.

Scan saved at :05 PM, on 6/7/2008

C: PROGRA 1 AVG AVG8 avgrsx.exe

Let me know what ya think, please. Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago

I have used ZA before and found it to be too annoying with it s pop ups. It was also very difficult to remove. Comodo has great reviews also.

Certain entries in the log, or symptoms on the pc tell which tool to run. Something which one hopefully gets to recognise over time :D.

Spyware blaster is only run in order to update. It adds entries to the registry to prevent certain unwelcome visitors from entering. Once updated and you have enabled all protection, you simply shut it down.

Let s get rid of Combofix now that we are finished with it. Click START then RUN

Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

When shown the disclaimer, Select 2

The above procedure will: Delete the following: ComboFix and its associated files and folders.

The C: Deckard folder, if present

The C:_OtMoveIt folder, if present

Hide file extensions, if required.

Hide System/Hidden files, if required.

Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago crunchie 990 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago poeg 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago Discussion Starter Tumbleweedracef 44 7 Years Ago

Question Answered 7 Years Ago by

What is spools.exe?

driver spools exe

Purpose: spools.exe - Harmful trojan horse program. May cause system errors to pop up, listing the file spools.exe in the dialog. Remove immediately.

The process known as Setup/Uninstall appears to belong to software MetaFrame Presentation Server or 45fdf rfgf by 589ukjh.

Description: Spools.exe is not essential for Windows and will often cause problems. The file spools.exe is located in the C: Windows System32 drivers folder.

Known file sizes on Windows 10/8/7/XP are 28,160 bytes 7 of all occurrences, 13,312 bytes and 54 more variants.

The file is a file with no information about its developer. It is not a Windows core file. The program starts when Windows starts see Registry key: MACHINE Run, Run, DEFAULT Run, exefile, MACHINE RunServices.

The program has no visible window. Spools.exe is an unknown file in the Windows folder.

Spools.exe is able to record keyboard and mouse inputs and monitor applications.

Therefore the technical security rating is 91 dangerous; however you should also read the user reviews.

If you want to remove the program completely, go to Control Panel Software Gehalt Lohn 2005 or Adobe Acrobat.

Recommended: Identify spools.exe related errors

If spools.exe is located in the C: Windows System32 folder, the security rating is 82 dangerous. The file size is 671,232 bytes 26 of all occurrences, 2,125,312 bytes and 8 more variants.

The spools.exe file is a file with no information about its developer. The file is not a Windows system file. The program is not visible. The spools.exe file is an unknown file in the Windows folder. The process uses ports to connect to or from a LAN or the Internet. The process starts upon Windows startup see Registry key: MACHINE Run, Run, DEFAULT Run, exefile, MACHINE RunServices.

Spools.exe is able to hide itself, record keyboard and mouse inputs, monitor applications and manipulate other programs.

If spools.exe is located in a subfolder of C: Program Files, the security rating is 74 dangerous. The file size is 610,816 bytes.

Spools.exe is a file with no information about its developer. The program has no visible window. The application uses ports to connect to or from a LAN or the Internet. The file is not a Windows system file.

Spools.exe is able to hide itself.

External information from Paul Collins:

There are different files with the same name:

Microsoft Windows Update definitely not required. Added by the SDBOT.TD WORM.

Print Spooler definitely not required. Added by the RBOT-LD WORM.

Important: Some malware also uses the file name spools.exe, for example TROJ_RENOS.AFA or TROJ_SMALL.KFO detected by TrendMicro, and Trojan.Win32.FraudPack.gen or Trojan-Downloader.Win32.Small.vrv detected by Kaspersky. Therefore, you should check the spools.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer s security. This was one of the Top Download Picks of The Washington Post and PC World.

Best practices for resolving spools issues

A clean and tidy computer is the key requirement for avoiding problems with spools. This means running a scan for malware, cleaning your hard drive using cleanmgr and sfc /scannow, uninstalling programs that you no longer need, checking for Autostart programs using msconfig and enabling Windows Automatic Update. Always remember to perform periodic backups, or at least to set restore points.

Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.

To help you analyze the spools.exe process on your computer, the following programs have proven to be helpful: Security Task Manager displays all running Windows tasks, including embedded hidden processes, such as keyboard and browser monitoring or Autostart entries. A unique security risk rating indicates the likelihood of the process being potential spyware, malware or a Trojan. Malwarebytes Anti-Malware detects and removes sleeping spyware, adware, Trojans, keyloggers, malware and trackers from your hard drive.

mcpcore.dll context.dll gregsvc.exe spools.exe mfc42loc.dll r3hook.dll oem02mon.exe jsloader.dll enodpl.sys dapbho.dll acu.exe all.