home

IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
8.15.10.2712

MD5:
8d41e7800d38562edfddd491e6a8fbc7

SHA-1:
cb4c04f1bbe2fb6eaca5f100098778a10df8f6ee

SHA-256:
95df23b9cc4dc06b40bdc7fcc6fae5c166063f1923c48d245ce5e746679121c0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 4:48:44 PM UTC  (today)

File size:
183.3 KB (187,672 bytes)

Product version:
8.15.10.2712

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
VeriSign, Inc.

Valid from:
3/8/2011 9:00:00 AM

Valid to:
4/23/2014 8:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
10021A27D28312885C613AA498580F6F

File PE Metadata
Compilation timestamp:
3/27/2012 9:36:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1558C

Entry point:
E8, 45, 79, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, E8, 9D, 42, 00, E8, 42, F2, FF, FF, 6A, 0E, E8, F1, 3B, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 44, DA, 42, 00, BA, 40, DA, 42, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 16, EF, FF, FF, 59, FF, 76, 04, E8, 0D, EF, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 31, F2, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, BC, 3A, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 8B...
 
[+]

Entropy:
6.5743

Code size:
141.5 KB (144,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.