Solved

c:\winnt\inf\AU_gdi.inf cannot be found

Posted on 2004-09-21
10
431 Views
Last Modified: 2012-05-05
This error message has just started appearing on all pcs on a network c:\winnt\inf\AU_gdi.inf - any ideas? I have done a search and examined all c:\winnt\inf folders but the file does not exist anywhere!  I have set the folder view options to show hidden files but dont know what this file is or where it is
0
Comment
Question by:asodohatch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110470
0
 
LVL 33

Expert Comment

by:sajuks
ID: 12110476
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110483
Hi asodohatch,
check for the existance of this Reg key
CurrentUser\Software\Microsoft\Internet Explorer\Explorer Bars\{c4ee31f3-4768-11d2-be5c-00a0l9a83da1}\000

Above from http://www.experts-exchange.com/Miscellaneous/Q_21133841.html

it would seem to be spyware related
Browser Hijacking/Spyware/Adware/Malware Removal instructions

Full removal and Prevention instructions are available on my website,

http://www.petenetlive.com/Tech/Browsers/hijack.htm

Please don't "Gum up" the TA's here by posting Hijack This Logs
go here and have it analysed.
http://www.hijackthis.de/index.php?langselect=english

The EE Official Link to info is,
 http:Q_20975384.html#10973783

PeteL
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:asodohatch
ID: 12110661
Ive run spybot, hijack this and stinger - still got same problem - found an entry in the registry - rundll32 advpack.dll,LaunchINFSection C:\WINNT\INF\AU_gdi.inf,GDIToolRun,2,N - but it wont let me delete it - nothing in startup
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12110692
DO you have a registry entry under

HKLM\software\software\microsoft\windows\currentversion\runonce\

called

 [GDI Detect Tool..] rundll32 advpack.dll,LaunchINFSection
0
 
LVL 3

Expert Comment

by:dheeruthakur
ID: 12113146
this file is a information file, it will not harm your computer. i have also suffered with this problem. it also create login problem in some system but after delete this value in registry. you will not receive this type of problem and your system work fine.

dheerendra
(Network engineer)
0
 
LVL 5

Expert Comment

by:Dragonmen
ID: 12116852
You must login as admin to delete this key. It looks like some hotfix did this. Try to roll back the hotfix you applied (or automatic).
0
 
LVL 1

Author Comment

by:asodohatch
ID: 12120966
Can anybody explain definitely - is this a trojan, is it caused by windows update, is it spyware.  How do we prevent it happening again
0
 
LVL 1

Accepted Solution

by:
asodohatch earned 0 total points
ID: 12179002
OK tnx anyway guys but we've finally sorted this - the AU stands for Auto Update - it is a windows autoupdate file that fails to install properly if the user does not have administrator rights.

The solution is to simply log on as administrator then the registry entry is automatically removed.  No need for spyware detection etc.  No need to manually edit registry.

You can then log on as normal user and everything is ok.

Appears to be an oversight on behalf of Microsoft

0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Peachtree 2012 Help 2 88
Company IT policies concerning licensing 4 89
Determining Project Cost 1 92
Password Management 4 46
This article describes how to use the timestamp of existing data in a database to allow Tableau to calculate the prior work day instead of relying on case statements or if statements to calculate the days of the week.
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifiā€¦
Using Adobe Premiere Pro, the viewer will learn how to set up a sequence with proper settings, importing pictures, rendering, and exporting the finished product.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question