Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

c:\winnt\inf\AU_gdi.inf cannot be found

Posted on 2004-09-21
10
Medium Priority
?
443 Views
Last Modified: 2012-05-05
This error message has just started appearing on all pcs on a network c:\winnt\inf\AU_gdi.inf - any ideas? I have done a search and examined all c:\winnt\inf folders but the file does not exist anywhere!  I have set the folder view options to show hidden files but dont know what this file is or where it is
0
Comment
Question by:asodohatch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110470
0
 
LVL 33

Expert Comment

by:sajuks
ID: 12110476
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110483
Hi asodohatch,
check for the existance of this Reg key
CurrentUser\Software\Microsoft\Internet Explorer\Explorer Bars\{c4ee31f3-4768-11d2-be5c-00a0l9a83da1}\000

Above from http://www.experts-exchange.com/Miscellaneous/Q_21133841.html

it would seem to be spyware related
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783

PeteL
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 1

Author Comment

by:asodohatch
ID: 12110661
Ive run spybot, hijack this and stinger - still got same problem - found an entry in the registry - rundll32 advpack.dll,LaunchINFSection C:\WINNT\INF\AU_gdi.inf,GDIToolRun,2,N - but it wont let me delete it - nothing in startup
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110692
DO you have a registry entry under

HKLM\software\software\microsoft\windows\currentversion\runonce\

called

 [GDI Detect Tool..] rundll32 advpack.dll,LaunchINFSection
0
 
LVL 3

Expert Comment

by:dheeruthakur
ID: 12113146
this file is a information file, it will not harm your computer. i have also suffered with this problem. it also create login problem in some system but after delete this value in registry. you will not receive this type of problem and your system work fine.

dheerendra
(Network engineer)
0
 
LVL 5

Expert Comment

by:Dragonmen
ID: 12116852
You must login as admin to delete this key. It looks like some hotfix did this. Try to roll back the hotfix you applied (or automatic).
0
 
LVL 1

Author Comment

by:asodohatch
ID: 12120966
Can anybody explain definitely - is this a trojan, is it caused by windows update, is it spyware.  How do we prevent it happening again
0
 
LVL 1

Accepted Solution

by:
asodohatch earned 0 total points
ID: 12179002
OK tnx anyway guys but we've finally sorted this - the AU stands for Auto Update - it is a windows autoupdate file that fails to install properly if the user does not have administrator rights.

The solution is to simply log on as administrator then the registry entry is automatically removed.  No need for spyware detection etc.  No need to manually edit registry.

You can then log on as normal user and everything is ok.

Appears to be an oversight on behalf of Microsoft

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Invest in your employees with these five simple steps to improve employee engagement and retention.
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question