Solved

"tscd_win32.exe" virus or not?

Posted on 2007-03-27
12
5,572 Views
Last Modified: 2013-12-04
When I shutdown my WinXP SP2 system I get a failure or crash of a service called "tscd_win32.exe".  When I try to Google this service, all I get is that it's some sort of crypto software but I have no idea if it's a virus or otherwise?

Can anyone tell me if this is some sort of trojan, worm or other?

Thanks
0
Comment
Question by:dcxmancan
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 22

Accepted Solution

by:
orangutang earned 50 total points
ID: 18801188
Well, I would think it's safe to remove since you have no idea what it is and it's not a Microsoft service.
0
 
LVL 5

Assisted Solution

by:rulirahmadi
rulirahmadi earned 50 total points
ID: 18801333
Try to use Windows Defender to disable/remove the process/spyware.

More info:
http://www.experts-exchange.com/Security/Win_Security/Q_22122938.html
http://www.experts-exchange.com/Miscellaneous/Q_22119162.html
-----------------------------------------------------------------------------------------------------------

Download hijackthis
http://www.download.com/HijackThis/3000-8022_4-10379544.html
paste your log here and hit analize
http://www.hijackthis.de and hit analyle and you should be able to see what needs to be fixed
then run hijackthis again and remove those entries
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801374
Well, if it's just a service, you can search for the exe in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
and delete the key that value it's in
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:dcxmancan
ID: 18801409
how can i remove it if i can't even find it on the system.  I've done a complete search from top level (my computer) and no results found.

the only way i know it exists is when i shutdown and it crashes with that pop up window error.  i can also see it under the task manager/processes tab.  I can stop the service there but it will start up again when i reboot.

I've checked the regedit as well without luck.

has anyone come accross this?

i know my next step is to reformat but i just don't want to do it only to find out later it is a hidden service that is needed or non-harmful.

thanks for help on this
0
 

Author Comment

by:dcxmancan
ID: 18801429
rulirahmadi, i've got pc-cillin installed with the latest pattern.  is windows defender better?

can anyone confirm if it's a virus or not?

thanks
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801440
That's weird. you should be able to open regedit, goto:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
,click on the "Services" key, press Ctrl+F, only select "Data", and search for "tscd_win32"
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 25 total points
ID: 18801815
You can try http://superantispyware.com/

# Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!
 
# Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits and many other types of threats.

Go it myself. Quite good with fast customer support.

Tolomir
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18802508
I use Windows Defender to monitor unknown process (Publisher not available) and network connected program (where spywares doing their action). It's very usefull. We even can disable/enable and remove any unwanted process.
0
 

Author Comment

by:dcxmancan
ID: 18803412
orangutang,  yes i did do the "ctrl-f" in regedit and nothing showed up.

tolomir/rulirahmadi, i'll see which one suits me best or try both and let you know

but if anyone knows if "tscd_win32.exe" is harmful, that would be great.

thanks again
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18803481
For quick result (harmful or not), better try HijackThis.
0
 

Author Comment

by:dcxmancan
ID: 18803573
i found out what it is.

it's actually part of the TPM software package (Embassy Suite) that Dell gives out with their biometric scanners.

but its just funny it started acting up now.  sufficed to say i did an uninstall with a reg clean and a re-install of the latest version and the crash seems to have gone away.

who wants the points on this?
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question