?
Solved

"tscd_win32.exe" virus or not?

Posted on 2007-03-27
12
Medium Priority
?
5,589 Views
Last Modified: 2013-12-04
When I shutdown my WinXP SP2 system I get a failure or crash of a service called "tscd_win32.exe".  When I try to Google this service, all I get is that it's some sort of crypto software but I have no idea if it's a virus or otherwise?

Can anyone tell me if this is some sort of trojan, worm or other?

Thanks
0
Comment
Question by:dcxmancan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 22

Accepted Solution

by:
orangutang earned 150 total points
ID: 18801188
Well, I would think it's safe to remove since you have no idea what it is and it's not a Microsoft service.
0
 
LVL 5

Assisted Solution

by:rulirahmadi
rulirahmadi earned 150 total points
ID: 18801333
Try to use Windows Defender to disable/remove the process/spyware.

More info:
http://www.experts-exchange.com/Security/Win_Security/Q_22122938.html
http://www.experts-exchange.com/Miscellaneous/Q_22119162.html
-----------------------------------------------------------------------------------------------------------

Download hijackthis
http://www.download.com/HijackThis/3000-8022_4-10379544.html
paste your log here and hit analize
http://www.hijackthis.de and hit analyle and you should be able to see what needs to be fixed
then run hijackthis again and remove those entries
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801374
Well, if it's just a service, you can search for the exe in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
and delete the key that value it's in
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:dcxmancan
ID: 18801409
how can i remove it if i can't even find it on the system.  I've done a complete search from top level (my computer) and no results found.

the only way i know it exists is when i shutdown and it crashes with that pop up window error.  i can also see it under the task manager/processes tab.  I can stop the service there but it will start up again when i reboot.

I've checked the regedit as well without luck.

has anyone come accross this?

i know my next step is to reformat but i just don't want to do it only to find out later it is a hidden service that is needed or non-harmful.

thanks for help on this
0
 

Author Comment

by:dcxmancan
ID: 18801429
rulirahmadi, i've got pc-cillin installed with the latest pattern.  is windows defender better?

can anyone confirm if it's a virus or not?

thanks
0
 
LVL 22

Expert Comment

by:orangutang
ID: 18801440
That's weird. you should be able to open regedit, goto:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
,click on the "Services" key, press Ctrl+F, only select "Data", and search for "tscd_win32"
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 75 total points
ID: 18801815
You can try http://superantispyware.com/

# Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!
 
# Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers, Parasites, Rootkits and many other types of threats.

Go it myself. Quite good with fast customer support.

Tolomir
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18802508
I use Windows Defender to monitor unknown process (Publisher not available) and network connected program (where spywares doing their action). It's very usefull. We even can disable/enable and remove any unwanted process.
0
 

Author Comment

by:dcxmancan
ID: 18803412
orangutang,  yes i did do the "ctrl-f" in regedit and nothing showed up.

tolomir/rulirahmadi, i'll see which one suits me best or try both and let you know

but if anyone knows if "tscd_win32.exe" is harmful, that would be great.

thanks again
0
 
LVL 5

Expert Comment

by:rulirahmadi
ID: 18803481
For quick result (harmful or not), better try HijackThis.
0
 

Author Comment

by:dcxmancan
ID: 18803573
i found out what it is.

it's actually part of the TPM software package (Embassy Suite) that Dell gives out with their biometric scanners.

but its just funny it started acting up now.  sufficed to say i did an uninstall with a reg clean and a re-install of the latest version and the crash seems to have gone away.

who wants the points on this?
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question