home

IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
6.14.10.4851

MD5:
dbf835327e162ced60dbf15eb81520dd

SHA-1:
ae6a615af0b2547e1678859166dda10063b9be02

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:54:31 PM UTC  (today)

File size:
134.5 KB (137,752 bytes)

Product version:
6.14.10.4851

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
VeriSign, Inc.

Valid from:
4/13/2006 3:00:00 AM

Valid to:
4/23/2008 2:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E419FC3EE1859A6BD80C35CC4705AC2

File PE Metadata
Compilation timestamp:
7/17/2007 6:12:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:DRkbG1bHpyeqD9ecDnkCXTZaGnZPab2roXX6yJkl/K648q1V0AUt8NGOgi:UG1bYeqDoo9DZFUi0XX+I1VhUt84

Entry address:
0xC98D

Entry point:
E8, 48, 3D, 00, 00, E9, 16, FE, FF, FF, B8, FB, 11, 41, 00, A3, B0, D6, 41, 00, C7, 05, B4, D6, 41, 00, F7, 08, 41, 00, C7, 05, B8, D6, 41, 00, B5, 08, 41, 00, C7, 05, BC, D6, 41, 00, E9, 08, 41, 00, C7, 05, C0, D6, 41, 00, 5F, 08, 41, 00, A3, C4, D6, 41, 00, C7, 05, C8, D6, 41, 00, 75, 11, 41, 00, C7, 05, CC, D6, 41, 00, 75, 08, 41, 00, C7, 05, D0, D6, 41, 00, DF, 07, 41, 00, C7, 05, D4, D6, 41, 00, 6E, 07, 41, 00, C3, E8, 9B, FF, FF, FF, E8, 9F, 48, 00, 00, 83, 7C, 24, 04, 00, A3, 88, E7, 41, 00, 74, 05...
 
[+]

Code size:
92 KB (94,208 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.