home

IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
6.14.10.4873

MD5:
1a82170cc3642696080e01fd323839a3

SHA-1:
b0b65e91ac39a25df115de05895c4e16bc66fce1

SHA-256:
138e0ddd19e82fbd62862534c33581eff264e13c77a221a511f6cc4aacdfa3b2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 11:08:22 AM UTC  (today)

File size:
206.5 KB (211,480 bytes)

Product version:
6.14.10.4873

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
VeriSign, Inc.

Valid from:
4/13/2006 12:00:00 AM

Valid to:
4/22/2008 11:59:59 PM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E419FC3EE1859A6BD80C35CC4705AC2

File PE Metadata
Compilation timestamp:
9/19/2007 12:16:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:cRIZtn3B216dsHBGHEb+ZLsaPbwvGSYZvHDQeUHJhLZ/K7fTpM6ZynUtLoc8gilD:Ltn4EWHNYPbvSq/DQzQ5Z+UtLz

Entry address:
0xCDDD

Entry point:
E8, 48, 3D, 00, 00, E9, 16, FE, FF, FF, B8, 4B, 16, 41, 00, A3, B0, D6, 41, 00, C7, 05, B4, D6, 41, 00, 47, 0D, 41, 00, C7, 05, B8, D6, 41, 00, 05, 0D, 41, 00, C7, 05, BC, D6, 41, 00, 39, 0D, 41, 00, C7, 05, C0, D6, 41, 00, AF, 0C, 41, 00, A3, C4, D6, 41, 00, C7, 05, C8, D6, 41, 00, C5, 15, 41, 00, C7, 05, CC, D6, 41, 00, C5, 0C, 41, 00, C7, 05, D0, D6, 41, 00, 2F, 0C, 41, 00, C7, 05, D4, D6, 41, 00, BE, 0B, 41, 00, C3, E8, 9B, FF, FF, FF, E8, 9F, 48, 00, 00, 83, 7C, 24, 04, 00, A3, 90, E7, 41, 00, 74, 05...
 
[+]

Entropy:
4.8725

Code size:
92 KB (94,208 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe


Scan IGFXPERS.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.