Solved

"tscd_win32.exe" virus or not?

Posted on 2007-03-27
12
5,576 Views
Last Modified: 2013-12-04
When I shutdown my WinXP SP2 system I get a failure or crash of a service called "tscd_win32.exe".  When I try to Google this service, all I get is that it's some sort of crypto software but I have no idea if it's a virus or otherwise?

Can anyone tell me if this is some sort of trojan, worm or other?

Thanks
0
Comment
Question by:dcxmancan
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 22

Accepted Solution

by:
orangutang earned 50 total points
ID: 18801188
Well, I would think it's safe to remove since you have no idea what it is and it's not a Microsoft service.
0
 
LVL 5

Assisted Solution

by:rulirahmadi
rulirahmadi earned 50 total points
ID: 18801333
Try to use Windows Defender to disable/remove the process/spyware.

More info:
http://www.experts-exchange.com/Security/Win_Security/Q_22122938.html
http://www.experts-exchange.com/Miscellaneous/Q_22119162.html
-----------------------------------------------------------------------------------------------------------

Download hijackthis
http://www.download.com/HijackThis/3000-8022_4-10379544.html
paste your log here and hit analize
http://www.hijackthis.de and hit analyle and you should be able to see what needs to be fixed
then run hijackthis again and remove those entries
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801374
Well, if it's just a service, you can search for the exe in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
and delete the key that value it's in
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:dcxmancan
ID: 18801409
how can i remove it if i can't even find it on the system.  I've done a complete search from top level (my computer) and no results found.

the only way i know it exists is when i shutdown and it crashes with that pop up window error.  i can also see it under the task manager/processes tab.  I can stop the service there but it will start up again when i reboot.

I've checked the regedit as well without luck.

has anyone come accross this?

i know my next step is to reformat but i just don't want to do it only to find out later it is a hidden service that is needed or non-harmful.

thanks for help on this
0
 

Author Comment

by:dcxmancan
ID: 18801429
rulirahmadi, i've got pc-cillin installed with the latest pattern.  is windows defender better?

can anyone confirm if it's a virus or not?

thanks
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801440
That's weird. you should be able to open regedit, goto:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
,click on the "Services" key, press Ctrl+F, only select "Data", and search for "tscd_win32"
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 25 total points
ID: 18801815
You can try http://superantispyware.com/

# Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!
 
# Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits and many other types of threats.

Go it myself. Quite good with fast customer support.

Tolomir
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18802508
I use Windows Defender to monitor unknown process (Publisher not available) and network connected program (where spywares doing their action). It's very usefull. We even can disable/enable and remove any unwanted process.
0
 

Author Comment

by:dcxmancan
ID: 18803412
orangutang,  yes i did do the "ctrl-f" in regedit and nothing showed up.

tolomir/rulirahmadi, i'll see which one suits me best or try both and let you know

but if anyone knows if "tscd_win32.exe" is harmful, that would be great.

thanks again
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18803481
For quick result (harmful or not), better try HijackThis.
0
 

Author Comment

by:dcxmancan
ID: 18803573
i found out what it is.

it's actually part of the TPM software package (Embassy Suite) that Dell gives out with their biometric scanners.

but its just funny it started acting up now.  sufficed to say i did an uninstall with a reg clean and a re-install of the latest version and the crash seems to have gone away.

who wants the points on this?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSL certificate pack 6 361
What to look for in Fraud Protection Solutions  PoC 1 80
extend monitor issues 6 66
SMB Signing issues 5 24
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question