home

volume2.exe

Volume²

Alexandr Irza

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Volume2’.
Publisher:
Alexandr Irza

Product:
Volume²

Description:
Volume² - advanced Windows volume control

Version:
1.1.3.244

MD5:
22c80797284ee492ac22c0a55306d6b9

SHA-1:
9735fb77c39571810275ce900bbf060701ae58cf

SHA-256:
881c31d885ae60b66259097f0d52d835d1ef6766e2b20062b926595a05438098

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/11/2025 8:51:53 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
Heur.Suspicious
15629

File size:
4.5 MB (4,709,888 bytes)

Product version:
1.1.3

Copyright:
Copyright © 2010-2012 by Alexandr Irza

Original file name:
Volume2

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\volume2\volume2.exe

File PE Metadata
Compilation timestamp:
1/6/2013 3:48:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:lyn1PQByEt5PIpcwjXM8S4uVaT+YddWecDWgHGR3T1zVmmkEr98afPf:fEEvPIpwaTODm7n

Entry address:
0x2FFE90

Entry point:
55, 8B, EC, B9, 0C, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, B8, 24, 37, 6F, 00, E8, 95, B9, D0, FF, 8B, 1D, E4, 8F, 71, 00, BE, 3C, 65, 7A, 00, 33, C0, 55, 68, D6, 03, 70, 00, 64, FF, 30, 64, 89, 20, C7, 06, 14, 01, 00, 00, 56, E8, C0, D1, D0, FF, 83, 7E, 04, 05, 73, 18, 6A, 40, B9, E4, 03, 70, 00, BA, F4, 03, 70, 00, 8B, 03, E8, 27, C2, E5, FF, E8, 7E, 6A, D0, FF, 83, 7E, 04, 06, 75, 06, 83, 7E, 08, 00, 74, 04, 33, C0, EB, 02, B0, 01, 8B, 15, 58, 8D, 71, 00, 88, 02, 83, 7E, 04, 06, 75, 06, 83, 7E...
 
[+]

Entropy:
6.5302

Developed / compiled with:
Microsoft Visual C++

Code size:
3 MB (3,139,584 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Volume2

Command:
C:\Program Files\volume2\volume2.exe


Scan volume2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.