When the file is loaded, it comes up with a message pretending to be a debugger. The app crashes when the message box is closed. It adds a "m_regedit.exe" file to the WINDOWS folder, which it will try to run when the real "regedit.exe" is run from Run. The worm adds itself to the registry to activate when the computer starts up.

Whenever an infected file is run in 2003, the computer reboots. Whenever the desktop is loaded, the worm runs and reboots the system. To recover the system, the user must reboot to Safe Mode and delete the registry entries and files.

Community content is available under CC-BY-SA unless otherwise noted.