This is the documentation for the stand alone remover for the
Hooters.4676 virus.  To get a syntax summary, run the remover with
no parameters.

The remover restores files infected with the Hooters.4676 virus to there
original state.  It accepts arguments either on the command line, or in
a response file.  The name of any response file must be immediately preceded
by a `@' character.  The remover will not search subdirectories, so all
files must be listed either on the command line or in a response file.

The response file must contain only file names, and only one per line.
Although the remover will accept wild cards in filenames that it is
directly attempting to clean, it will not accept wild cards in the name
of any response file, or in any file name in a response file.

Response files can be generated with this command:

DIR /S /B /A-D C:\ > RESPFILE

If you want to check and clean a different drive than C:, use it in place of
the C: in the command above.

The remover includes a sophisticated algorithm to detect the Hooters.4676
virus, and it will only attempt to remove the virus from files it finds to
be infected.  Thus, it is safe to use the remover on files that are not
infected.

The remover uses the C: drive for temporary files by default.  If you want
to use a different drive, or a subdirectory of the C: drive, set the TMP
environment variable to the name of the drive and directory for temporary
files before using the remover.  For example, this command:

SET TMP=C:\WINDOWS\TEMP

sets the directory used for temporary files to the TEMP subdirectory of the
WINDOWS directory on the C: drive.
