Solved

c:\winnt\inf\AU_gdi.inf cannot be found

Posted on 2004-09-21
10
428 Views
Last Modified: 2012-05-05
This error message has just started appearing on all pcs on a network c:\winnt\inf\AU_gdi.inf - any ideas? I have done a search and examined all c:\winnt\inf folders but the file does not exist anywhere!  I have set the folder view options to show hidden files but dont know what this file is or where it is
0
Comment
Question by:asodohatch
10 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110470
0
 
LVL 33

Expert Comment

by:sajuks
ID: 12110476
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110483
Hi asodohatch,
check for the existance of this Reg key
CurrentUser\Software\Microsoft\Internet Explorer\Explorer Bars\{c4ee31f3-4768-11d2-be5c-00a0l9a83da1}\000

Above from http://www.experts-exchange.com/Miscellaneous/Q_21133841.html

it would seem to be spyware related
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783

PeteL
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 1

Author Comment

by:asodohatch
ID: 12110661
Ive run spybot, hijack this and stinger - still got same problem - found an entry in the registry - rundll32 advpack.dll,LaunchINFSection C:\WINNT\INF\AU_gdi.inf,GDIToolRun,2,N - but it wont let me delete it - nothing in startup
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110692
DO you have a registry entry under

HKLM\software\software\microsoft\windows\currentversion\runonce\

called

 [GDI Detect Tool..] rundll32 advpack.dll,LaunchINFSection
0
 
LVL 3

Expert Comment

by:dheeruthakur
ID: 12113146
this file is a information file, it will not harm your computer. i have also suffered with this problem. it also create login problem in some system but after delete this value in registry. you will not receive this type of problem and your system work fine.

dheerendra
(Network engineer)
0
 
LVL 5

Expert Comment

by:Dragonmen
ID: 12116852
You must login as admin to delete this key. It looks like some hotfix did this. Try to roll back the hotfix you applied (or automatic).
0
 
LVL 1

Author Comment

by:asodohatch
ID: 12120966
Can anybody explain definitely - is this a trojan, is it caused by windows update, is it spyware.  How do we prevent it happening again
0
 
LVL 1

Accepted Solution

by:
asodohatch earned 0 total points
ID: 12179002
OK tnx anyway guys but we've finally sorted this - the AU stands for Auto Update - it is a windows autoupdate file that fails to install properly if the user does not have administrator rights.

The solution is to simply log on as administrator then the registry entry is automatically removed.  No need for spyware detection etc.  No need to manually edit registry.

You can then log on as normal user and everything is ok.

Appears to be an oversight on behalf of Microsoft

0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
Let’s list some of the technologies that enable smooth teleworking. 
This video shows how use content aware, what it’s used for, and when to use it over other tools.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question