Hotfix.exe
Hotfix.exe is a process that belongs to MSDDHotfix. Hotfix.exe is used in the installation of Windows NT hotfixes. A Windows NT hotfix is a collection of different files which can be applied to a system in order to fix an existing problem. The name, Hotfix.exe, is also used by cyber-criminals to mask malware. For example the main executable for the rogueware called ThinkPoint is named Hotfix.exe.
Registry Details
Hotfix.exe may create the following registry entry or registry entries:
[HKEY_CLASSES_ROOT\.exe\shell\open\command]
"Content Type"="application/x-msdownload"
[HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
@="exefile"
[HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\.exe]
[-HKEY_CLASSES_ROOT\secfile]
