?
Solved

spoolsv.exe problem

Posted on 2007-10-04
24
Medium Priority
?
3,496 Views
Last Modified: 2013-11-22
operating system :  windows programming language
I have been suffering from problem named spoolsv.exe.

my computer has been viruses such as folder.exe,fun.exe,dc.exe like visual basic scripts; now they were
deleted. Since then I have been receiving a error related 'soolsv.exe is containing problem and needs to close'.I feel my computer speed has been slow since then.
give me the solution !!
0
Comment
Question by:vegetasharma
  • 8
  • 6
  • 6
  • +2
24 Comments
 
LVL 3

Expert Comment

by:BertusVanZyl
ID: 20012295
Spoolsvr is the service that stores things right before they are printed.

You can try reinstalling any printers you might have installed.
0
 
LVL 21

Expert Comment

by:jvuz
ID: 20012305
Do a scan with an updated www.superantispyware.com
0
 
LVL 32

Expert Comment

by:and235100
ID: 20012341
Sounds like you still have a malware issue:

Run a full A/V scan here (preferably in Safe Mode with Networking):
http://housecall.trendmicro.com/

Then run SuperAntiSpyware, with updated definitions:
http://www.superantispyware.com/download.html
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 20012353
is it spoolsv.exe or soolsv.exe?
because soolsv.exe is malware and spoolsv.exe is the Print Spooler service which is genuine windows process

can you please download hijackthis
http://www.download.com/HijackThis/3000-8022_4-10379544.html

scan, and save a log file, please post the log here
0
 
LVL 32

Expert Comment

by:and235100
ID: 20012361
Sorry, jvuz - didn't refresh my page...
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012488
The Problem still persists when I log in to my system :

Spoolsv.exe - Application error
The instruction at "0x75bc7140" referenced memory at :0x00000ab". The memory could not be "read"
Click on OK to terminate the program
Click on CANCEL to debug the program
it is using much memory of my system
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 20012501
Spoolsv.exe is Print Spooling service IF its running from system32 folder, otherwise its crap!
can we please see a hijackthis log?

otherwise if you are sure that its the legit file, then uninstall your printer and then clean your printer drivers
http://members.shaw.ca/bsanders/CleanPrinterDrivers.htm

restart and post back the results.....
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012503
It saves xml logfile in my c drive

<?xml version="1.0"?>
<SpoolerErrorLog>
      <RegistryData>
            <Printer name="Canon LASER SHOT LBP-1210">
                  <ChangeID>0x1439ea</ChangeID>
                  <Status>0x180</Status>
                  <Name><![CDATA[Canon LASER SHOT LBP-1210]]></Name>
                  <Share_Name><![CDATA[]]></Share_Name>
                  <Print_Processor><![CDATA[WinPrint]]></Print_Processor>
                  <Datatype><![CDATA[RAW]]></Datatype>
                  <Parameters><![CDATA[]]></Parameters>
                  <Action>0x0</Action>
                  <ObjectGUID><![CDATA[]]></ObjectGUID>
                  <DsKeyUpdate>0x0</DsKeyUpdate>
                  <DsKeyUpdateForeground>0x3</DsKeyUpdateForeground>
                  <Description><![CDATA[]]></Description>
                  <Printer_Driver><![CDATA[Canon LASER SHOT LBP-1210]]></Printer_Driver>
                  <Node name="DsDriver">
                        <printMaxXExtent>0x0</printMaxXExtent>
                        <printMaxYExtent>0x0</printMaxYExtent>
                        <printMinXExtent>0x7fff</printMinXExtent>
                        <printMinYExtent>0x7fff</printMinYExtent>
                        <printMaxResolutionSupported>0x258</printMaxResolutionSupported>
                        <printRate>0xe</printRate>
                        <printRateUnit><![CDATA[PagesPerMinute]]></printRateUnit>
                        <printPagesPerMinute>0xe</printPagesPerMinute>
                        <driverVersion>0x401</driverVersion>
                  </Node>
                  <Node name="DsSpooler">
                        <description><![CDATA[]]></description>
                        <driverName><![CDATA[Canon LASER SHOT LBP-1210]]></driverName>
                        <location><![CDATA[]]></location>
                        <printStartTime>0x0</printStartTime>
                        <printEndTime>0x0</printEndTime>
                        <printerName><![CDATA[Canon LASER SHOT LBP-1210]]></printerName>
                        <printSeparatorFile><![CDATA[]]></printSeparatorFile>
                        <printShareName><![CDATA[]]></printShareName>
                        <printSpooling><![CDATA[PrintAfterSpooled]]></printSpooling>
                        <priority>0x1</priority>
                        <uNCName><![CDATA[\\user-6ef1d01b93\Canon LASER SHOT LBP-1210]]></uNCName>
                        <versionNumber>0x4</versionNumber>
                        <serverName><![CDATA[user-6ef1d01b93]]></serverName>
                        <shortServerName><![CDATA[USER-6EF1D01B93]]></shortServerName>
                        <url><![CDATA[http://user-6ef1d01b93/]]></url>
                        <flags>0x0</flags>
                  </Node>
                  <Node name="PnPData">
                        <DeviceInstanceId><![CDATA[USBPRINT\CANONLASER_SHOT_LBP-1210\6&D90543F&0&USB001]]></DeviceInstanceId>
                        <HardwareID><![CDATA[usbprint\canonlaser_shot_lbp-6122]]></HardwareID>
                        <Manufacturer><![CDATA[Canon]]></Manufacturer>
                        <OEM_URL><![CDATA[http://www.canon.com/support]]></OEM_URL>
                  </Node>
                  <Node name="PrinterDriverData">
                        <SPLUserModePrinterDriver><![CDATA[CAP2UMN.dll]]></SPLUserModePrinterDriver>
                        <FreeMem>0x0</FreeMem>
                        <PrinterDataSize>0x5c</PrinterDataSize>
                        <APPINFO-SIZE>0x1c8</APPINFO-SIZE>
                        <APPINFO><![CDATA[02CORELDRW.EXE;01PM65.EXE;01WORDPRO.EXE;01MSPUB.EXE;01CLARISWORKS.EXE;01DREAM3D.EXE;02PHOTOPNT.EXE;03ACRORD32.EXE;01FLOW70.EXE;01PFPPOP70.EXE;02QPW.EXE;01F32MAIN.EXE;01123W.EXE;01DS70.EXE;01ACROBAT.EXE;01PM70.EXE;01WINWORD.EXE;]]></APPINFO>
                  </Node>
            </Printer>
            <Printer name="Microsoft Office Document Image Writer">
                  <ChangeID>0x13f11a</ChangeID>
                  <Status>0x80</Status>
                  <Name><![CDATA[Microsoft Office Document Image Writer]]></Name>
                  <Share_Name><![CDATA[]]></Share_Name>
                  <Print_Processor><![CDATA[ModiPrint]]></Print_Processor>
                  <Datatype><![CDATA[RAW]]></Datatype>
                  <Parameters><![CDATA[]]></Parameters>
                  <Action>0x0</Action>
                  <ObjectGUID><![CDATA[]]></ObjectGUID>
                  <DsKeyUpdate>0x0</DsKeyUpdate>
                  <DsKeyUpdateForeground>0x3</DsKeyUpdateForeground>
                  <Description><![CDATA[]]></Description>
                  <Printer_Driver><![CDATA[Microsoft Office Document Image Writer Driver]]></Printer_Driver>
                  <Priority>0x1</Priority>
                  <Default_Priority>0x0</Default_Priority>
                  <StartTime>0x0</StartTime>
                  <UntilTime>0x0</UntilTime>
                  <Separator_File><![CDATA[]]></Separator_File>
                  <Location><![CDATA[]]></Location>
                  <Attributes>0x0</Attributes>
                  <txTimeout>0xafc8</txTimeout>
                  <dnsTimeout>0x3a98</dnsTimeout>
                  <SpoolDirectory><![CDATA[]]></SpoolDirectory>
                  <Port><![CDATA[Microsoft Document Imaging Writer Port:]]></Port>
                  <Node name="DsDriver">
                        <printMaxXExtent>0x76</printMaxXExtent>
                        <printMaxYExtent>0x0</printMaxYExtent>
                        <printMinXExtent>0x76</printMinXExtent>
                        <printMinYExtent>0x0</printMinYExtent>
                        <printMaxResolutionSupported>0x12c</printMaxResolutionSupported>
                        <printRateUnit><![CDATA[]]></printRateUnit>
                        <driverVersion>0x401</driverVersion>
                  </Node>
                  <Node name="DsSpooler">
                        <description><![CDATA[]]></description>
                        <driverName><![CDATA[Microsoft Office Document Image Writer Driver]]></driverName>
                        <location><![CDATA[]]></location>
                        <printStartTime>0x0</printStartTime>
                        <printEndTime>0x0</printEndTime>
                        <printerName><![CDATA[Microsoft Office Document Image Writer]]></printerName>
                        <printSeparatorFile><![CDATA[]]></printSeparatorFile>
                        <printShareName><![CDATA[]]></printShareName>
                        <printSpooling><![CDATA[PrintWhileSpooling]]></printSpooling>
                        <priority>0x1</priority>
                        <uNCName><![CDATA[\\user-6ef1d01b93\Microsoft Office Document Image Writer]]></uNCName>
                        <versionNumber>0x4</versionNumber>
                        <serverName><![CDATA[user-6ef1d01b93]]></serverName>
                        <shortServerName><![CDATA[USER-6EF1D01B93]]></shortServerName>
                        <flags>0x0</flags>
                  </Node>
            </Printer>
            <PrintProvidor name="Internet Print Provider">
                  <DisplayName><![CDATA[HTTP Print Services]]></DisplayName>
                  <Name><![CDATA[inetpp.dll]]></Name>
            </PrintProvidor>
            <PrintProvidor name="LanMan Print Services">
                  <DisplayName><![CDATA[LanMan Print Services]]></DisplayName>
                  <Name><![CDATA[win32spl.dll]]></Name>
                  <Node name="servers">
                        <addprinterdrivers>0x0</addprinterdrivers>
                  </Node>
            </PrintProvidor>
            <PrintProcessor name="ModiPrint">
                  <Driver><![CDATA[mdippr.dll]]></Driver>
            </PrintProcessor>
            <PrintProcessor name="winprint">
                  <Driver><![CDATA[localspl.dll]]></Driver>
            </PrintProcessor>
            <PortMonitor name="BJ Language Monitor">
                  <Driver><![CDATA[cnbjmon.dll]]></Driver>
            </PortMonitor>
            <PortMonitor name="CAP2 Monitor">
                  <Driver><![CDATA[CAP2LMK.DLL]]></Driver>
            </PortMonitor>
            <PortMonitor name="Local Port">
                  <Driver><![CDATA[localspl.dll]]></Driver>
            </PortMonitor>
            <PortMonitor name="Microsoft Document Imaging Writer Monitor">
                  <Driver><![CDATA[mdimon.dll]]></Driver>
            </PortMonitor>
            <PortMonitor name="PJL Language Monitor">
                  <Driver><![CDATA[pjlmon.dll]]></Driver>
                  <EOJTimeout>0xea60</EOJTimeout>
            </PortMonitor>
            <PortMonitor name="Standard TCP/IP Port">
                  <Driver><![CDATA[tcpmon.dll]]></Driver>
                  <Node name="Ports">
                        <StatusUpdateInterval>0xa</StatusUpdateInterval>
                        <StatusUpdateEnabled>0x1</StatusUpdateEnabled>
                  </Node>
            </PortMonitor>
            <PortMonitor name="USB Monitor">
                  <Driver><![CDATA[usbmon.dll]]></Driver>
            </PortMonitor>
      </RegistryData>
      <EventLogData>
      </EventLogData>
      <SpoolerObjects>
            <Spooler name="LocalSpl" address="0x00A22120">
                  <Printer name="Microsoft Office Document Image Writer" address="0x00A282B8">
                        <ShareName></ShareName>
                        <PrintProcessor name="ModiPrint" address="0x00A277F8">
                              <dllName>mdippr.dll</dllName>
                        </PrintProcessor>
                        <Driver name="Microsoft Office Document Image Writer Driver" address="0x00A26DB8">
                              <DriverFile>mdigraph.dll</DriverFile>
                              <ConfigFile>mdiui.dll</ConfigFile>
                              <HelpFile>(null)</HelpFile>
                              <DependantFiles></DependantFiles>
                              <MonitorName>(null)</MonitorName>
                              <MfgName>(null)</MfgName>
                              <DriverVersion>0</DriverVersion>
                              <cVersion>3</cVersion>
                        </Driver>
                        <Status>0x180</Status>
                        <Attributes>0x0</Attributes>
                        <cJobs>0</cJobs>
                        <cSpooling>0</cSpooling>
                        <Port name="Microsoft Document Imaging Writer Port:" address="0x00A25C18">
                              <Status>(null)</Status>
                              <PortMonitor name="Microsoft Document Imaging Writer Monitor" address="0x00A25A30">
                                    <MonitorDll>mdimon.dll</MonitorDll>
                              </PortMonitor>
                        </Port>
                  </Printer>
                  <Printer name="Canon LASER SHOT LBP-1210" address="0x00A27B80">
                        <ShareName></ShareName>
                        <PrintProcessor name="WinPrint" address="0x00A26530">
                              <dllName>localspl.dll</dllName>
                        </PrintProcessor>
                        <Driver name="Canon LASER SHOT LBP-1210" address="0x00A26C68">
                              <DriverFile>CAP2K.DLL</DriverFile>
                              <ConfigFile>CAP2UIK.DLL</ConfigFile>
                              <HelpFile>CAP2.HLP</HelpFile>
                              <DependantFiles>CAP2SETK.DLL;CAP2UNIK.EXE;CAP2SMK.DLL;CAP2LMK.DLL;CAP2RSK.EXE;CAP2EMN.DLL;CAP2PTMN.DLL;CAP2LAK.EXE;CAP2SWK.EXE;CAP2PMN.DLL;CAP2TRSK.EXE;CAP2RDN.DLL;CAP2HT.BIN;CAP2LPT.SYS;CAP2APPN.DAT;CAP2INFK.DAT;CAP2.CNT;CAP2ONN.EXE;CAP2ZWAV.BIN;</DependantFiles>
                              <MonitorName>CAP2 Monitor</MonitorName>
                              <MfgName>Canon</MfgName>
                              <DriverVersion>1000000000012</DriverVersion>
                              <cVersion>3</cVersion>
                        </Driver>
                        <Status>0x180</Status>
                        <Attributes>0xe00</Attributes>
                        <cJobs>0</cJobs>
                        <cSpooling>0</cSpooling>
                        <Port name="USB001" address="0x00A262E8">
                              <Status>(null)</Status>
                              <PortMonitor name="USB Monitor" address="0x00A25F60">
                                    <MonitorDll>usbmon.dll</MonitorDll>
                              </PortMonitor>
                              <LanguageMonitor name="CAP2 Monitor" address="0x00A24FA8">
                                    <MonitorDll>CAP2LMK.DLL</MonitorDll>
                              </LanguageMonitor>
                        </Port>
                  </Printer>
            </Spooler>
      </SpoolerObjects>
</SpoolerErrorLog>
0
 
LVL 32

Expert Comment

by:and235100
ID: 20012508
As SheharyaarSaahil says, could you post a HJT log using:
http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 20012512
i was asking about the hijackthis log.....not this log :)
0
 
LVL 32

Expert Comment

by:and235100
ID: 20012519
Apologies - didn't see your previous post...
0
 
LVL 21

Expert Comment

by:jvuz
ID: 20012520
and235100, no probs. I'm having the same 'problem' sometimes ;)
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012527
My adobe acrobat reader is also not running well, in fact it does not start.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 20012535
are you listening to us sharma......we need to see your hijackthis log......without checking that what's going on your system.....we are sitting blinds here.....do you really want us to start shooting whatever and wherever! :)
0
 
LVL 32

Expert Comment

by:and235100
ID: 20012540
Ahh - this might explain why you are getting spoolsvr issues.

Remove Adobe Reader (and Acrobat - if you have it installed) - from Add/Remove Programs - then reboot - does the issue resolve itself?
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012541
ok ,I have to install hijackthis first
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012551
But I have to use adobe acrobat reader for reading ebooks . I must have it !!
0
 
LVL 21

Assisted Solution

by:jvuz
jvuz earned 300 total points
ID: 20012580
Use http://www.snapfiles.com/get/foxitpdf.html instead, it's much faster the acrobat reader.

For Hijackthis, you don't need to install it, just download it, unzip it and place it in it's own directory. Then run it and place the log here.
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012634
ok then
see this log file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:05:59 PM, on 10/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\oracle\ora90\bin\agntsrvc.exe
D:\oracle\ora90\Apache\Apache\Apache.exe
C:\WINDOWS\system32\cmd.exe
D:\oracle\ora90\bin\dbsnmp.exe
D:\oracle\ora90\BIN\TNSLSNR.exe
d:\oracle\ora90\bin\ORACLE.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\CAP2RSK.EXE
D:\oracle\ora90\Apache\jdk\bin\java.exe
D:\oracle\ora90\Apache\Apache\Apache.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\explorer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\SPEEDB~1\VideoAccelerator.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP2SWK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dll
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, explorer.exe
O1 - Hosts: 62.75.224.159 www.bns3.net
O1 - Hosts: 62.75.224.159 www.bns4.net
O1 - Hosts: 62.75.224.159 www.bns5.net
O1 - Hosts: 62.75.224.159 www.bns6.net
O1 - Hosts: 62.75.224.159 www.bns7.net
O1 - Hosts: 62.75.224.159 www.bns8.net
O1 - Hosts: 62.75.224.159 www.cms3.net
O1 - Hosts: 62.75.224.159 www.cms4.net
O1 - Hosts: 62.75.224.159 www.cms5.net
O1 - Hosts: 62.75.224.159 www.cms6.net
O1 - Hosts: 62.75.224.159 www.cms7.net
O1 - Hosts: 62.75.224.159 www.cms8.net
O1 - Hosts: 62.75.224.159 www.rg1.com
O1 - Hosts: 62.75.224.159 www.rg2.com
O1 - Hosts: 62.75.224.159 www.rg3.com
O1 - Hosts: 62.75.224.159 www.rg4.com
O1 - Hosts: 62.75.224.159 www.rg5.com
O1 - Hosts: 62.75.224.159 www.rg6.com
O1 - Hosts: 62.75.224.159 www.rg7.com
O1 - Hosts: 62.75.224.159 www.rg8.com
O1 - Hosts: 62.75.224.159 bns3.net
O1 - Hosts: 62.75.224.159 bns4.net
O1 - Hosts: 62.75.224.159 bns5.net
O1 - Hosts: 62.75.224.159 bns6.net
O1 - Hosts: 62.75.224.159 bns7.net
O1 - Hosts: 62.75.224.159 bns8.net
O1 - Hosts: 62.75.224.159 cms3.net
O1 - Hosts: 62.75.224.159 cms4.net
O1 - Hosts: 62.75.224.159 cms5.net
O1 - Hosts: 62.75.224.159 cms6.net
O1 - Hosts: 62.75.224.159 cms7.net
O1 - Hosts: 62.75.224.159 cms8.net
O1 - Hosts: 62.75.224.159 rg1.com
O1 - Hosts: 62.75.224.159 rg2.com
O1 - Hosts: 62.75.224.159 rg3.com
O1 - Hosts: 62.75.224.159 rg4.com
O1 - Hosts: 62.75.224.159 rg5.com
O1 - Hosts: 62.75.224.159 rg6.com
O1 - Hosts: 62.75.224.159 rg7.com
O1 - Hosts: 62.75.224.159 rg8.com
O1 - Hosts: 62.75.224.159 cjt1.net
O1 - Hosts: 62.75.224.159 rgs1.net
O1 - Hosts: 62.75.224.159 rgs2.net
O1 - Hosts: 62.75.224.159 j800banners.cjt1.net
O1 - Hosts: 62.75.224.159 jadlogix.cjt1.net
O1 - Hosts: 62.75.224.159 www.m7z.net
O1 - Hosts: 62.75.224.159 m7z.net
O1 - Hosts: 62.75.224.159 jcontent.bns1.m7z.net
O1 - Hosts: 62.75.224.159 2004CMS.com
O1 - Hosts: 62.75.224.159 bns1.m7z.net
O1 - Hosts: 62.75.224.159 client.exeem.com
O1 - Hosts: 62.75.224.159 exeem.com
O1 - Hosts: 62.75.224.159 www.exeem.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Barsaka] explorer.exe
O4 - HKLM\..\Run: [CAP2ON] C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAP2ONN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [XPPrintSpool] %windir%\java\java.log\spoolsv.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SpeedOptimizer3] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Canon LASER SHOT LBP-1210 Status Window.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{45139677-F2C8-472E-B405-C648B26C3631}: NameServer = 218.248.240.23 218.248.240.135
O17 - HKLM\System\CS2\Services\Tcpip\..\{45139677-F2C8-472E-B405-C648B26C3631}: NameServer = 218.248.240.23 218.248.240.135
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Oracle OLAP 9.0.1.0.1 (OLAPServer) - Oracle Corporation - D:\oracle\ora90\bin\xsolap.exe
O23 - Service: Oracle OLAP Agent - Unknown owner - D:\oracle\ora90\bin\xsaagent.exe
O23 - Service: OracleOraHome90Agent - Oracle Corporation - D:\oracle\ora90\bin\agntsrvc.exe
O23 - Service: OracleOraHome90ClientCache - Unknown owner - D:\oracle\ora90\BIN\ONRSD.EXE
O23 - Service: OracleOraHome90HTTPServer - Unknown owner - D:\oracle\ora90\Apache\Apache\Apache.exe
O23 - Service: OracleOraHome90PagingServer - Unknown owner - D:\oracle\ora90/bin/pagntsrv.exe
O23 - Service: OracleOraHome90SNMPPeerEncapsulator - Unknown owner - D:\oracle\ora90\BIN\ENCSVC.EXE
O23 - Service: OracleOraHome90SNMPPeerMasterAgent - Unknown owner - D:\oracle\ora90\BIN\AGNTSVC.EXE
O23 - Service: OracleOraHome90TNSListener - Unknown owner - D:\oracle\ora90\BIN\TNSLSNR.exe
O23 - Service: OracleServiceGAGAN - Oracle Corporation - d:\oracle\ora90\bin\ORACLE.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
O23 - Service: Visibroker Smart Agent (xsSmartAgent) - Unknown owner - D:\oracle\ora90\bin\osagent.exe

--
End of file - 11791 bytes
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20012650
dear friends do not call me by last name, it is just a request !! else say whatever you want
0
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 600 total points
ID: 20012651
fix this line
O4 - HKLM\..\Run: [XPPrintSpool] %windir%\java\java.log\spoolsv.exe

boot under safemode and delete the C:\Windows\java folder\java.log folder
delete "java.log" folder, DON'T delete "java"

restart back in normal mode and post back the results.......
0
 
LVL 1

Author Comment

by:vegetasharma
ID: 20014472
I deleted as you told me shaahil  using hijackthis in safemode.
and thanks for foxpdf aanand it is really great ,I fogot the adobe reader when I first time used it.
A win32 dilog box appears complaining that ' spoolersubsystem encounter a problem and needs to close'
is that another  problem or we have solved the problem and I need not worry about it.
0
 
LVL 32

Assisted Solution

by:and235100
and235100 earned 600 total points
ID: 20014515
Few articles on this:
http://support.microsoft.com/kb/324757
http://support.microsoft.com/kb/810894
(more likely the 2nd one)
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 20014521
when does the error come now......upon startup or when you try to print?
can we see a fresh hjt scan log?
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question