Can't get rid of "intell32.exe"

My desktop is messed up again. This time I couldn't tell when it happened, but after running HJT and comparing it to what happened about a week ago, I thought I could fix it myself. But I can't!

What I have done:
• I ran HJT and found:
"O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe "
so I had JHT remove it
Then, I ran:
• Ad-Aware, SpyBot, CWShredder
• Deleted all Temp and Internet Temporary files
• Ran about:Buster - twice
• Rebooted in Safe Mode
• Deleted "C:\Windows\System\intell32.exe "
(But did not find QTTASK.EXE as I had the last time)
• Again made sure that all Temp folders were emptied
• Went to Smitrem and double-clicked "RunThis.Bat" and it ran.

Rebooted normally, and the desktop still messed up.
I have done this six times, including running HJT once while in Safe Mode, but HJT continues to find:
"O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe "
every time! And of course, the "intell32.exe" is there again every time.

What am I missing?
Here is the seventh HJT log of the day:
----------------------------
Logfile of HijackThis v1.99.1
Scan saved at 12:19:26 PM, on 8/14/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\INTELL32.EXE
C:\HJT\HIJACKTHIS.EXE

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE "
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [The Rush Limbaugh Show] C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.dell.com/us/en/systemprofiler/SysProfLCD.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
----------------------------
Thank you

NOTE: One thing I was able to do is to Ctrl-Alt-Del and stop "intell32 ", then go to the folder and delete "intell32.exe" (which I had deleted several times under safe mode!). I then used the System>Properties to restore my desktop (get rid of the junk telling me that the desptop is corrupted!). But I suspect that when I reboot, "intell32" will run again.

Alex

 

Unfortunately, as I had suspected, as soon as I rebooted, the "intell32.exe" reloaded and messed up my desktop. Again, I "Ctrl-Alt-Del" halted it and deleted the file at \System... but it will come back.

HJT didn't 'seem' to list anything that wasn't OK from the previous time except, of course, for just the "intell.exe" file itself. What is loading back on?

Thanks for your help.

Alex

 

New HJT log - how to fix it?

Well, I have kept trying, but the "intell32.exe" keeps coming back and messing up my desktop and all the icons.
Latest:
=======================
Logfile of HijackThis v1.99.1
Scan saved at 7:13:00 PM, on 8/15/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
C:\HJT\HIJACKTHIS.EXE

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE "
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [The Rush Limbaugh Show] C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.dell.com/us/en/systemprofiler/SysProfLCD.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
========================
Your help will be greatly appreciated.

Alex

 

First disable System Restore ME and reboot.

Open HJT, and click on 'Open misc tools section', then click on "Delete a file on reboot', a File Open window will appear. Copy/Paste the following into it.

C:\WINDOWS\SYSTEM\intell32.exe

Then click on Open, and you will be prompted to reboot, select No at this time.

Rescan with HJT, and remove this item.

O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe


Reboot into Safe Mode. Delete the Temp IE files, and delete all files and folders located in this folder.

C:\Windows\Temp

Then reboot in Normal mode, and enable System Restore.

If you would like your system to run a bit better, remove these items from startup, they are unnecessary.
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
Then delete all the files in this folder, they were created by Taskmon and are no longer needed.

C:\Windows\Applog

 

Mark,
1. Checked Disable System Restore (actually, it was that way)
2. Pasted "C:\WINDOWS\SYSTEM\intell32.exe" to be deleted on reboot by HJT.
3. Looked for "O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\SYSTEM\intell32.exe" but it was not there.
4. Rebooted in SafeMode and deleted temporary files.
5. Rebooted in normal mode, but the desktop came back with the annoying message and all messed up.

Interestingly, "intell32.exe" is nowhere to be found, so what is causing the problem? Is it possible that it gets loaded and run before HJT deletes it on reboot?

Also, I can easily fix the desktop from: Properties > Background, and it stays fixed, that is, until I reboot. Could it be just a residual startup file that is causing the problem independently from "intell32.exe "?

Here is the HJT log:
---------------------------
Logfile of HijackThis v1.99.1
Scan saved at 11:22:47 PM, on 8/15/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\HJT\HIJACKTHIS.EXE

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE "
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [The Rush Limbaugh Show] C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.dell.com/us/en/systemprofiler/SysProfLCD.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
=====================================

Second priority:
Yes, I would like to remove these programs you recommended for StartUp, but couldn't find them. Can I use HJT to delete them?

Thanks
Alex

 

Besides the desktop having the annoying message and messed up icons upon reboot, which I can fix, the system is extremely slow at some operations. For example, any file operation done with the windows explorer takes minutes, and to close the explorer takes forever.

I noticed a new task running: SPOOL32.EXE - should it be?

HJT Log:
==================================
Logfile of HijackThis v1.99.1
Scan saved at 7:54:43 PM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\HJT\HIJACKTHIS.EXE

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE "
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [The Rush Limbaugh Show] C:\PROGRAM FILES\RUSH 24-7 MEDIA CENTER\RUSH 24-7 MEDIA CENTER.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.dell.com/us/en/systemprofiler/SysProfLCD.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab

==================================
Thanks -
Alex

 

This is just a guess on my part about this message, get EXEfix08, and run it once.
What is the error message?

Open the C:\Windows\System.Ini file with Notepad, look for intell32.exe in it. If you find it, copy/paste the line and the section it is under. For example:

[boot]
system.drv=system.drv
drivers=mmsystem.dll power.drv paprport
user.exe=user.exe

SPOOL32.EXE is part of ME's printer spooler, it is in the correct folder.
Your HJT log is clean.

 

(1)
EXEfix08 said: No Tangible Errors Found - (or something like that)
I noticed that it is for Win 95/98, but I have Win ME - is that OK?

(2) Did not find intell32 in the system.ini file.
Here is what it contains:
===================
[boot]
oemfonts.fon=vgaoem.fon
shell=Explorer.exe
system.drv=system.drv
drivers=mmsystem.dll power.drv
user.exe=user.exe
gdi.exe=gdi.exe
sound.drv=mmsound.drv
dibeng.drv=dibeng.dll
comm.drv=comm.drv
mouse.drv=mouse.drv
keyboard.drv=keyboard.drv
*DisplayFallback=0
fonts.fon=vgasys.fon
fixedfon.fon=vgafix.fon
386Grabber=vgafull.3gr
display.drv=pnpdrvr.drv
SCRNSAVE.EXE=C:\WINDOWS\HKINAC~1.SCR

[keyboard]
keyboard.dll=
oemansi.bin=
subtype=
type=4

[boot.description]
system.drv=Standard PC
mouse.drv=Microsoft Mouse
keyboard.typ=Standard 101/102-Key or Microsoft Natural Keyboard
aspect=100,96,96
display.drv=Standard PCI Graphics Adapter (VGA)

[386Enh]
ebios=*ebios
woafont=dosapp.fon
mouse=*vmouse, msmouse.vxd
device=*dynapage
device=*vcd
device=*vpd
device=*int13
display=*vdd,*vflatd
EMMExclude=C000-CFFF
device=*enable

[NonWindowsApp]
TTInitialSizes=4 5 6 7 8 9 10 11 12 13 14 15 16 18 20 22

[power.drv]

[drivers]
wavemapper=*.drv
MSACM.imaadpcm=*.acm
MSACM.msadpcm=*.acm
wave=mmsystem.dll
midi=mmsystem.dll

[iccvid.drv]

[mciseq.drv]

[mci]
cdaudio=mcicda.drv
sequencer=mciseq.drv
waveaudio=mciwave.drv
avivideo=mciavi.drv
videodisc=mcipionr.drv
vcr=mcivisca.drv
MPEGVideo=mciqtz.drv
MPEGVideo2=mciqtz.drv

[vcache]

[MSNP32]

[Password Lists]
ALEX=C:\WINDOWS\ALEX.PWL

[Display]

[drivers32]
msacm.lhacm=lhacm.acm
VIDC.VDOM=vdowave.drv
msacm.msaudio1=msaud32.acm
msacm.sl_anet=sl_anet.acm
MSACM.msg711=msg711.acm
vidc.CVID=iccvid.dll
VIDC.IV31=ir32_32.dll
VIDC.IV32=ir32_32.dll
vidc.MSVC=msvidc32.dll
VIDC.MRLE=msrle32.dll
msacm.msg723=msg723.acm
vidc.M263=msh263.drv
vidc.M261=msh261.drv
VIDC.IV50=ir50_32.dll
msacm.iac2=C:\WINDOWS\SYSTEM\IAC25_32.AX
msacm.l3acm=C:\WINDOWS\SYSTEM\L3CODECA.ACM
VIDC.YUY2=msyuv.dll
VIDC.UYVY=msyuv.dll
VIDC.YVYU=msyuv.dll
MSACM.imaadpcm=imaadp32.acm
MSACM.msadpcm=msadp32.acm
MSACM.msgsm610=msgsm32.acm
MSACM.trspch=tssoft32.acm
VIDC.TSCC=tsccvid.dll
VIDC.WMV3=wmv9vcm.dll

[TTFontDimenCache]
0 4=2 4
0 5=3 5
0 6=4 6
0 7=4 7
0 8=5 8
0 9=5 9
0 10=6 10
0 11=7 11
0 12=7 12
0 13=8 13
0 14=8 14
0 15=9 15
0 16=10 16
0 18=11 18
0 20=12 20
0 22=13 22
===============================
Thank you so much for your time - I really appreciate it
- I hope we can fix this...

Alex

 

That file would work for any windows OS.

"Besides the desktop having the annoying message "
What is this message? It could tell me and others alot.

 

Well,
It appears under the icons and maybe it is OK - it says:
---------------------------------------------------
"Active Desktop Recovery (< this line in larger font)
Microsoft Windows has experienced an unexpected error. As a precaution, your Active Desktop has been turned off. To restore the Active Desktop, use the following troubleshooting tips:
• Did your browser stop working, or did you restart your computer without shutting it down first? If so, click:
[Restore my Active Desktop] (< button)
• Did you recently add a new item to your Active Desktop" If so:
1. Right click the desktop to open the Desktop menu, point to Active Desktop, click Customize my Desktop
2. Clear the check box for the item you added most recently.
• Do you want to turn off your Active Desktop? If so:
Right click the desktop, point to Active Desktop, and then Show Web Content "
(And there is a blue triangle with an exclamation point inside.)
------------------------------------------------------------

Since this started at the same time as the "intell32.exe" (which appears to be gone now) I did not trust it to be legitimate.

Is it legit? Should I follow the steps it recommends?

Thanks

Alex

 

Yes, that is a legitimate message, asking if you want to remove the last item that was added, it could be corrupt.
You really do not need Active Desktop at all, your system will run better without it.

 

Good to know, and agree, so I just followed the last of the listed options:

• Do you want to turn off your Active Desktop? If so:
Right click the desktop, point to Active Desktop, and then Show Web Content.

Thanks!

Alex