Trust me, Dave. I have been searching for solid answers for this phenomenon, believe you me.
I decided to re-examine Add/Remove Programs. Granted, I found items pertaining to ‘Hotfix’, but, NOTHING SPECIFICALLY for so-called ‘HotIron’. Astonishingly, I did find updates installed on 5/11/2012, the day the computer went berserk. Frankly, I’m not certain as to how this happened - - I could swear the second I saw patterns outside the norm, I immediately held down the power button, terminating all processes. In any event, I researched the ‘KB’ reference numbers in Microsoft’s knowledge base for the updates installed, and they stem from updates released May 8th from Microsoft. On Microsoft’s page, I still didn’t find anything about ‘HotIron’, however, the ‘KB’ numbers and description from the suspicious folders on my system matched with what was on Microsoft’s Website.
At this point, I will mark Send’s first post (on this topic) as the solution, but there are still so many unanswered questions.
In all my years working with Win Updates, I have NEVER seen one that impacted the OS so adversely. Crazy CPU consumption to the point where my cursor became extremely sluggish. Again, the last time I experienced this was confronting the Sasser Worm. Additionally, could a Windows Update open up a command prompt window? Then there is the instance of two [2] wuauclt.exe’s under Task Manager. One I can understand represents Win Update Shield in the System Tray with updates ready to be installed. Fine. The other briefly appears (at a high resource consumption) then disappears. Could that be the one that temporarily checks to see if an update is available?
Was this update even really necessary? I’m tempted to say if it looks and acts like malware, it is. I call shenanigans on Microsoft! Shame on you, Microsoft, for releasing such a poorly written update to the place where it scared numerous users into thinking that it was malware and that their protection programs failed them! Come to think of it, the other process that I thought started with the letter “d” running concurrently with HotFixInstaller under Task Manager may have been something like “NDP30SP2-KB2656407.msp” - - another component from the updates released May 8th. Moving forward, will there be a conflict if I try to get this update again being that I shredded it with MBAM’s FileAssassin?
P.S.- Although it looks like I have irreparably offended Hugh, Send is sitting back, takes a sip of his latte and remarks, “Foolish Hammer Bro, I tried to tell you HotFixInstaller was a Windows Update. No matter, I’ll just chalk you up to another solution in my column, ha, ha, ha.” (then his jazz music starts playing) To that I would say, “With the behaviour exhibited, could’ve fooled me….” 
- �1995 - 2013 Symantec Corporation Legal Notice License Agreement Privacy Policy Cookies Site Map RSS
