home

IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
7.14.10.1329

MD5:
1f1dc11b3b8ac59a3dab87c45adcfa73

SHA-1:
90f2c846eb2fb4e98fdb3261fbdad90c0521eb1f

SHA-256:
4961d153318ead3a65b264ae61cda83cb5d85a5ad91d7672dde075063563bc98

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:31:24 PM UTC  (today)

File size:
126.5 KB (129,560 bytes)

Product version:
7.14.10.1329

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
VeriSign, Inc.

Valid from:
4/13/2006 9:00:00 AM

Valid to:
4/23/2008 8:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E419FC3EE1859A6BD80C35CC4705AC2

File PE Metadata
Compilation timestamp:
9/14/2007 7:10:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:+MGSVv2nR5NdjiU66fXSPNkoXu6yppcj/1DxRkUTkUttx4dgiq:+nS2RBvS1HXrP97TkUttGk

Entry address:
0xAABD

Entry point:
E8, 47, 3D, 00, 00, E9, 16, FE, FF, FF, C3, B8, 2A, F3, 40, 00, A3, B0, B6, 41, 00, C7, 05, B4, B6, 41, 00, 26, EA, 40, 00, C7, 05, B8, B6, 41, 00, E4, E9, 40, 00, C7, 05, BC, B6, 41, 00, 18, EA, 40, 00, C7, 05, C0, B6, 41, 00, 8E, E9, 40, 00, A3, C4, B6, 41, 00, C7, 05, C8, B6, 41, 00, A4, F2, 40, 00, C7, 05, CC, B6, 41, 00, A4, E9, 40, 00, C7, 05, D0, B6, 41, 00, 0E, E9, 40, 00, C7, 05, D4, B6, 41, 00, 9D, E8, 40, 00, C3, E8, 9B, FF, FF, FF, E8, 9D, 48, 00, 00, 83, 7C, 24, 04, 00, A3, 8C, C7, 41, 00, 74...
 
[+]

Entropy:
6.2428

Code size:
84 KB (86,016 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.