home

sw20.EXE

sw20 Application

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SW20’.
Product:
sw20 Application

Description:
sw20 MFC Application

Version:
1, 0, 0, 1

MD5:
aabf8bbcce13d9f1109f8d2388d6bec0

SHA-1:
ccb4beb20ef9fff0bb223ae1dc8e0e17e3046603

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
7/15/2025 5:43:33 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
16247

File size:
204 KB (208,896 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2005

Original file name:
sw20.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinesisch (Taiwan)

Common path:
C:\Windows\System32\sw20.exe

File PE Metadata
Compilation timestamp:
10/27/2006 9:11:50 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:SAjo0EEgR7teDS338ssZoBHTpNFQpg23zAsN5aqtzTlLgH:7kxE+JeDSH89ZoBlMg+9DlLs

Entry address:
0x104AF

Entry point:
E8, 07, 80, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 78, 52, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 85, C0, 5F, 89, 45, FC, 5E, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, AC, 30, 42, 00, C9, C2, 08, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 3C, CB, 42, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4...
 
[+]

Code size:
136 KB (139,264 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SW20

Command:
C:\Windows\System32\sw20.exe


Scan sw20.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.