Welcome to the Virus Encyclopedia of Panda Security.
Hoots.A has no destructive efects. It just sends the following image to the local network printers:
Hoots.A creates one of the following files:
- O RLY.EXE in the Startup directory. This way, it ensures that it is run whenever Windows is started.
- CHECK.EXE in the C: drive.
These files are copies of the worm.
Means of transmission
Transmission through shared resources and mapped drives.
If the affected computer is connected to a network, Hoots.A carries out the following actions:
- It attempts to gain access to shared network drives. In order to do this, it uses passwords that are commonly-used or easy to guess. If successful, it copies itself to the shared drives.
- It draws up an inventory of all the mapped network drives and creates a copy of itself in all of them.
Hoots.A is written the programming language Visual Basic. This worm is 380,928 bytes in size.