home

cnext.exe

Radeon Settings

Advanced Micro Devices, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘StartCN’.
Publisher:
Advanced Micro Devices, Inc.  (signed and verified)

Product:
Radeon Settings

Description:
Radeon Settings: Host Application

Version:
10,01,01,1522

MD5:
32a833aede9b1130a9aa8d3a6a76a7a9

SHA-1:
f9e39b4b487b2d0fcadb35125c7cdf782f260b11

SHA-256:
de031f1fa10b28c800623e9b871d62bd4fc01f1b934dc517b2f35f80edb4430d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:02:20 AM UTC  (today)

File size:
4.6 MB (4,873,416 bytes)

Product version:
10,01,01,1522

Copyright:
Copyright (C) 2015 Advanced Micro Devices, Inc.

Original file name:
cnext.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\amd\cnext\cnext\cnext.exe

Digital Signature
Signed by:
Advanced Micro Devices, Inc.

Authority:
VeriSign, Inc.

Valid from:
4/3/2013 2:00:00 AM

Valid to:
6/2/2016 1:59:59 AM

Subject:
CN="Advanced Micro Devices, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Advanced Micro Devices, Inc.", L=Sunnyvale, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4CD9E755850C1372B48DC182A7308BAB

File PE Metadata
Compilation timestamp:
12/2/2015 4:20:19 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:xNGCZVQebj4il/0xKrdN2OMu1gJ69iEHqv2/OKPQ:xNGCZVQebj4il/0xKrdN2OMu1gJuiCql

Entry address:
0x15DCC4

Entry point:
48, 83, EC, 28, E8, 63, 03, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 70, 10, 57, 48, 83, EC, 30, 48, 83, 60, F0, 00, 83, 60, E8, 00, FF, 15, B1, 97, 01, 00, 0F, B7, F0, 65, 48, 8B, 0C, 25, 30, 00, 00, 00, 48, 8B, 51, 08, 33, DB, 33, C0, F0, 48, 0F, B1, 15, 6C, 6F, 2E, 00, 74, 0E, 48, 3B, C2, 75, 07, BB, 01, 00, 00, 00, EB, 02, EB, E5, 8B, 05, 5E, 6F, 2E, 00, 83, F8, 01, 75, 0A, 8D, 48, 1E, E8, 17, 02, 00, 00, EB, 3F, 8B, 05, 49, 6F, 2E, 00, 85, C0, 75, 2B, C7...
 
[+]

Code size:
1.5 MB (1,528,320 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
StartCN

Command:
"C:\Program Files\amd\cnext\cnext\cnext.exe" atlogon


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.