tcmsetup.exe

  • File Path: C:\Windows\system32\tcmsetup.exe
  • Description: Microsoft Windows(TM) Telephony Administration Setup

Screenshot

tcmsetup.exe

Hashes

Type Hash
MD5 2C32B625127DE85FB0273569687060E1
SHA1 4E5861950F56F44528EC52B829F0FD236445C78E
SHA256 7C159CDD1FB7C5359439DA809B5BEB15E1FFDF769D2249054C36F99C7B9BF609
SHA384 3E09745D001E2F91BBE80D3C35AD2A554EC73D610386AF6946CA422AB5E08C0F571331DF308C59C05FBBFC59113C25DC
SHA512 32A4B20A1188ED6F1315686CC1EFF87820D6D361D452E68780316AA8E4AE00740B178DD30A866662AF3C20BFE6091DFB02C4A906F24F4DFF01A323C0224FF051
SSDEEP 192:Xz8yrtsYOD7iyxXQw3IE2zDrxLCY7f8WS3qb6UdOU/QN99OWGQoW:ab7ieXKdzDrx207dbKV9OWGQoW
IMP AE7E4F06CC6D11D0E730DEFD22D14777
PESHA1 31FC3E79D18A82CF0B683F8C6C10B4A401306590
PE256 C390EB6269F66647E79F0FCEC1B3DB3BD8712904E98EC4CD7852B65D224FA19B

Runtime Data

Child Processes:

explorer.exe

Window Title:

Telephony Client Setup Help

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(R-D) C:\Windows\System32\en-US\tcmsetup.exe.mui File
(RW-) C:\Users\user File
(RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.1518_none_de6e2bd0534e2567 File
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000004.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\2\Windows\Theme2131664586 Section
\Windows\Theme966197582 Section

Loaded Modules:

Path
C:\Windows\System32\ADVAPI32.dll
C:\Windows\System32\bcryptPrimitives.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\CRYPT32.dll
C:\Windows\System32\CRYPTSP.dll
C:\Windows\system32\dwmapi.dll
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\IMM32.DLL
C:\Windows\System32\kernel.appcore.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\MSASN1.dll
C:\Windows\System32\MSCTF.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\system32\TAPI32.dll
C:\Windows\system32\tcmsetup.exe
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\System32\win32u.dll
C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.1518_none_de6e2bd0534e2567\comctl32.dll

Signature

  • Status: Signature verified.
  • Serial: 33000001C422B2F79B793DACB20000000001C4
  • Thumbprint: AE9C1AE54763822EEC42474983D8B635116C8452
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCMSETUP.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.17763.1 (WinBuild.160101.0800)
  • Product Version: 10.0.17763.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/69
  • VirusTotal Link: https://www.virustotal.com/gui/file/7c159cdd1fb7c5359439da809b5beb15e1ffdf769d2249054c36f99c7b9bf609/detection/

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\tcmsetup.exe 72

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.


tcmsetup

Sets up or disables the TAPI client. For TAPI to function correctly, you must run this command to specify the remote servers that will be used by TAPI clients.

[!IMPORTANT] To use this command, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.

Syntax

tcmsetup [/q] [/x] /c <server1> [<server2> …]
tcmsetup  [/q] /c /d

Parameters

Parameter Description
/q Prevents the display of message boxes.
/x Specifies that connection-oriented callbacks will be used for heavy traffic networks where packet loss is high. When this parameter is omitted, connectionless callbacks will be used.
/c Required. Specifies client setup.
<server1> Required. Specifies the name of the remote server that has the TAPI service providers that the client will use. The client will use the service providers’ lines and phones. The client must be in the same domain as the server or in a domain that has a two-way trust relationship with the domain that contains the server.
<server2>… Specifies any additional server or servers that will be available to this client. If you specify a list of servers is, use a space to separate the server names.
/d Clears the list of remote servers. Disables the TAPI client by preventing it from using the TAPI service providers that are on the remote servers.
/? Displays help at the command prompt.
Remarks
  • Before a client user can use a phone or line on a TAPI server, the telephony server administrator must assign the user to the phone or line.

  • The list of telephony servers that is created by this command replaces any existing list of telephony servers available to the client. You can’t use this command to add to the existing list.

Additional References


MIT License. Copyright (c) 2020-2021 Strontic.