Solved

"tscd_win32.exe" virus or not?

Posted on 2007-03-27
12
5,559 Views
Last Modified: 2013-12-04
When I shutdown my WinXP SP2 system I get a failure or crash of a service called "tscd_win32.exe".  When I try to Google this service, all I get is that it's some sort of crypto software but I have no idea if it's a virus or otherwise?

Can anyone tell me if this is some sort of trojan, worm or other?

Thanks
0
Comment
Question by:dcxmancan
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 22

Accepted Solution

by:
orangutang earned 50 total points
ID: 18801188
Well, I would think it's safe to remove since you have no idea what it is and it's not a Microsoft service.
0
 
LVL 5

Assisted Solution

by:rulirahmadi
rulirahmadi earned 50 total points
ID: 18801333
Try to use Windows Defender to disable/remove the process/spyware.

More info:
http://www.experts-exchange.com/Security/Win_Security/Q_22122938.html
http://www.experts-exchange.com/Miscellaneous/Q_22119162.html
-----------------------------------------------------------------------------------------------------------

Download hijackthis
http://www.download.com/HijackThis/3000-8022_4-10379544.html
paste your log here and hit analize
http://www.hijackthis.de and hit analyle and you should be able to see what needs to be fixed
then run hijackthis again and remove those entries
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801374
Well, if it's just a service, you can search for the exe in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
and delete the key that value it's in
0
 

Author Comment

by:dcxmancan
ID: 18801409
how can i remove it if i can't even find it on the system.  I've done a complete search from top level (my computer) and no results found.

the only way i know it exists is when i shutdown and it crashes with that pop up window error.  i can also see it under the task manager/processes tab.  I can stop the service there but it will start up again when i reboot.

I've checked the regedit as well without luck.

has anyone come accross this?

i know my next step is to reformat but i just don't want to do it only to find out later it is a hidden service that is needed or non-harmful.

thanks for help on this
0
 

Author Comment

by:dcxmancan
ID: 18801429
rulirahmadi, i've got pc-cillin installed with the latest pattern.  is windows defender better?

can anyone confirm if it's a virus or not?

thanks
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 22

Expert Comment

by:orangutang
ID: 18801440
That's weird. you should be able to open regedit, goto:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
,click on the "Services" key, press Ctrl+F, only select "Data", and search for "tscd_win32"
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 25 total points
ID: 18801815
You can try http://superantispyware.com/

# Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!
 
# Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits and many other types of threats.

Go it myself. Quite good with fast customer support.

Tolomir
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18802508
I use Windows Defender to monitor unknown process (Publisher not available) and network connected program (where spywares doing their action). It's very usefull. We even can disable/enable and remove any unwanted process.
0
 

Author Comment

by:dcxmancan
ID: 18803412
orangutang,  yes i did do the "ctrl-f" in regedit and nothing showed up.

tolomir/rulirahmadi, i'll see which one suits me best or try both and let you know

but if anyone knows if "tscd_win32.exe" is harmful, that would be great.

thanks again
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18803481
For quick result (harmful or not), better try HijackThis.
0
 

Author Comment

by:dcxmancan
ID: 18803573
i found out what it is.

it's actually part of the TPM software package (Embassy Suite) that Dell gives out with their biometric scanners.

but its just funny it started acting up now.  sufficed to say i did an uninstall with a reg clean and a re-install of the latest version and the crash seems to have gone away.

who wants the points on this?
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now