?
Solved

c:\winnt\inf\AU_gdi.inf cannot be found

Posted on 2004-09-21
10
Medium Priority
?
437 Views
Last Modified: 2012-05-05
This error message has just started appearing on all pcs on a network c:\winnt\inf\AU_gdi.inf - any ideas? I have done a search and examined all c:\winnt\inf folders but the file does not exist anywhere!  I have set the folder view options to show hidden files but dont know what this file is or where it is
0
Comment
Question by:asodohatch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110470
0
 
LVL 33

Expert Comment

by:sajuks
ID: 12110476
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110483
Hi asodohatch,
check for the existance of this Reg key
CurrentUser\Software\Microsoft\Internet Explorer\Explorer Bars\{c4ee31f3-4768-11d2-be5c-00a0l9a83da1}\000

Above from http://www.experts-exchange.com/Miscellaneous/Q_21133841.html

it would seem to be spyware related
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783

PeteL
0
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 
LVL 1

Author Comment

by:asodohatch
ID: 12110661
Ive run spybot, hijack this and stinger - still got same problem - found an entry in the registry - rundll32 advpack.dll,LaunchINFSection C:\WINNT\INF\AU_gdi.inf,GDIToolRun,2,N - but it wont let me delete it - nothing in startup
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110692
DO you have a registry entry under

HKLM\software\software\microsoft\windows\currentversion\runonce\

called

 [GDI Detect Tool..] rundll32 advpack.dll,LaunchINFSection
0
 
LVL 3

Expert Comment

by:dheeruthakur
ID: 12113146
this file is a information file, it will not harm your computer. i have also suffered with this problem. it also create login problem in some system but after delete this value in registry. you will not receive this type of problem and your system work fine.

dheerendra
(Network engineer)
0
 
LVL 5

Expert Comment

by:Dragonmen
ID: 12116852
You must login as admin to delete this key. It looks like some hotfix did this. Try to roll back the hotfix you applied (or automatic).
0
 
LVL 1

Author Comment

by:asodohatch
ID: 12120966
Can anybody explain definitely - is this a trojan, is it caused by windows update, is it spyware.  How do we prevent it happening again
0
 
LVL 1

Accepted Solution

by:
asodohatch earned 0 total points
ID: 12179002
OK tnx anyway guys but we've finally sorted this - the AU stands for Auto Update - it is a windows autoupdate file that fails to install properly if the user does not have administrator rights.

The solution is to simply log on as administrator then the registry entry is automatically removed.  No need for spyware detection etc.  No need to manually edit registry.

You can then log on as normal user and everything is ok.

Appears to be an oversight on behalf of Microsoft

0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
All of the resources available today make learning a new digital media easier than ever-- if you know where to begin. This is a clear, simple guide to a few of the basic digital art mediums and how to begin learning them on your own.
Video by: Tony
This video teaches viewers how to export a project from Adobe Premiere Pro and the various file types involved.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question