home

TGCMD.EXE

Support.com Scheduler and Command Dispatcher

TeliaSonera AB

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘tgcmd’.
Publisher:
SupportSoft, Inc.  (signed by TeliaSonera AB)

Product:
Support.com Scheduler and Command Dispatcher

Version:
5,6,1039,0

MD5:
a51645278d0bf1777f7a7e2267c5b9fa

SHA-1:
ec4c9699f8916ff4c16785bb609760957b2baa8d

SHA-256:
cc92a49fa2f670620fc8ad7a4c0d86f51dab6dbdf9a1d1ffbcd1e786972515ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 1:51:00 PM UTC  (today)

File size:
1.7 MB (1,762,816 bytes)

Product version:
5,6,1039,0

Copyright:
Copyright 1997-2069 SupportSoft

Original file name:
TGCMD.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\telia\supportassistent\bin\tgcmd.exe

Digital Signature
Signed by:
TeliaSonera AB

Authority:
VeriSign, Inc.

Valid from:
10/4/2005 2:00:00 AM

Valid to:
11/2/2006 12:59:59 AM

Subject:
CN=TeliaSonera AB, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TeliaSonera AB, L=Sundsvall, S=Medelpad, C=SE

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2C657D20DECCE2E3EF2BF09C96E29564

File PE Metadata
Compilation timestamp:
2/6/2005 9:21:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:F0JkQru0/7sQUuaWOjx05F5McAXg4Ol27xGYAwGm2nP8lpAUNHb9:F0JXr57szjt80jXmlMby8lpAw9

Entry address:
0x1FA82

Entry point:
55, 8B, EC, 6A, FF, 68, 08, 61, 53, 00, 68, 1C, 10, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 6C, 51, 53, 00, 33, D2, 8A, D4, 89, 15, A0, F3, 57, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 9C, F3, 57, 00, C1, E1, 08, 03, CA, 89, 0D, 98, F3, 57, 00, C1, E8, 10, A3, 94, F3, 57, 00, 6A, 01, E8, 6E, 20, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 0A, 11, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
1.2 MB (1,261,568 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
tgcmd

Command:
"C:\Program Files\telia\supportassistent\bin\tgcmd.exe" \server \startmonitor \deaf


Scan TGCMD.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.