RyanTAdams.com

Technology Advice by Ryan Taylor Adams

What is the “$hf_mig$” Folder for And Can I Delete It?

February 21st, 2008 · 3 Comments · Printer Friendly Version

WARNING! THIS POST IS MORE THAN 180 DAYS OLD!

While I make an effort to update older posts to keep them relevant and technically accurate, the rapidly changing nature of the tech world makes it possible that the content of this post may no longer be relevant, current, or even accurate. Additionally, because of this post's age, adding new comments has been disabled. If you would like to contribute new information to this post, or have questions pertaining to this post, please use the Contact Form.


If you have the “Show hidden files and folders” option enabled, you may have noticed a folder named “$hf_mig$” inside of your Windows directory. This folder contains information about previously installed updates. According to Microsoft, “When a security update, critical update, update, update rollup, driver, or feature pack installs GDR version files, the hotfix files are also copied to the %windir%\$hf_mig$ folder. This supports migration to the appropriate files if you later install a hotfix or service pack that includes earlier versions of these files.”


For example, consider the following scenario:

  1. You apply a security update that installs a GDR version of File.dll with a version number of 5.2.3790.1000 and copies a hotfix version of File.dll with a version number of 5.2.3790.1000 to the %windir%\$hf_mig$ folder.
  2. You apply a hotfix that includes a hotfix version of File.dll with a version number of 5.2.3790.0000.

In this scenario the hotfix installation in step 2 installs the hotfix version of File.dll (version number 5.2.3790.1000) from the %windir%\$hf_mig$ folder instead of the hotfix version of File.dll (version number 5.2.3790.0000) from the hotfix package.

Because the “$hf_mig$” folder is crucial to ensuring your computer has the most recent updates, you SHOULD NOT delete the “$hf_mig$” folder.

Related posts:

  1. Why Do I Get an Error When I Try to Delete a File/folder?
  2. Fix for Grayed Out Or Missing Windows Explorer Folder Pane
  3. Removing “$NtServicePackUninstall$” And Other Update Related Folders
?

3 responses so far ↓

  • 1 Removing “$NtServicePackUninstall$” and other update related folders | RyanTAdams.com // Feb 21, 2008 at 7:46 PM


    […] those folders. You can delete any of the folders that start and end with a “$”, except for “$hf_mig$”. Depending on the number of updates you have installed, deleting these folders can save […]

  • 2 Richard Hunter // Jun 30, 2009 at 8:44 AM


    Ryan, I suspect that people want to delete the $hf_mig$ folder because they believe it is harboring malware. I was infected and have been repeatably reinfected even when I have not been on-line, so my malware scans have been missing something. I have a subfolder with a very long name that appeared in $hf_mig$ about the time I was infected. Windows won’t even allow me to open it (access is denied). Its called {29F8DDc1-9487-49b8-B27E-3EOC3C1298FF}. Can I kill it? Do you know what it is?

  • 3 Ryan Adams // Jun 30, 2009 at 10:31 AM


    @Richard Hunter: Generally, all of the sub-folders are named after the hotfix update they belong to. But, that’s not enough to say the folder you mention is malicious. I’d suggest you do a full virus scan. Preferably, also do a scan from outside of Windows by using a Live CD or by connecting your hard drive to another computer.

  • 4 HighPingedLPB // Jul 27, 2009 at 4:27 PM


    Glad I looked this up. I would have jacked up my friend’s new windows install and had to start over again. Thanks for the info.