When the virus is run, it searches the root directory (C:\) for an uninfected COMMAND.COM and infects it if found. It then infects the other executables by appending itself to the end of these files.
When there are no more executables to infect in the root directory, it looks for the PATH string defined in AUTOEXEC and infects any uninfected COMMAND.COM found there, followed by other DOS executables and EXE executables, by searching for the first uninfected file.
A noticeable delay can be observed when running some of the infected programs.
Files infected by this virus might not function properly, or might even cause a system hang when run.
The system will fail to recognize the command interpreter after the next system boot.
The virus contains the internal text strings:
4RESPATH=COMSPEC=*.COM *.EXE 4RES
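
A defender-side check built from the description above, as an added example that is not part of the original write-up: it looks for the quoted strings in the tail of .COM and .EXE files, where an appending infector would leave them. Splitting the quoted string into separate tokens, the 4096-byte tail window and all function names are assumptions.

```python
import os

# Tokens taken from the string quoted on the page; splitting it into
# separate tokens is an assumption, since the raw byte layout is not given.
MARKER = b"4RES"
CONTEXT = (b"PATH=", b"COMSPEC=", b"*.COM", b"*.EXE")
TAIL_BYTES = 4096  # assumed window; the page does not state the virus length


def tail_hits(data: bytes, window: int = TAIL_BYTES) -> list:
    """Return the page's tokens that occur in the last `window` bytes."""
    tail = data[-window:]
    return [t for t in (MARKER,) + CONTEXT if t in tail]


def is_suspect(data: bytes, min_context: int = 3) -> bool:
    """Flag when the marker and most context tokens sit together in the tail.

    A command interpreter handles PATH and COMSPEC itself, so the
    context tokens alone never trigger a hit.
    """
    hits = tail_hits(data)
    return MARKER in hits and len(hits) - 1 >= min_context


def scan(root: str) -> list:
    """Walk `root` and return paths of .COM/.EXE files that look appended-to."""
    flagged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.upper().endswith((".COM", ".EXE")):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    fh.seek(0, os.SEEK_END)
                    fh.seek(max(0, fh.tell() - TAIL_BYTES))
                    if is_suspect(fh.read()):
                        flagged.append(path)
            except OSError:
                continue  # unreadable file: skip, do not abort the sweep
    return sorted(flagged)


# Constructed samples (not real virus bytes): a clean stub and the same stub
# with the page's string appended, as the description says the virus does.
CLEAN = b"\xe9\x00\x00" + b"\x90" * 64 + b"COMSPEC=\x00PATH=\x00"
TAINTED = CLEAN + b"\x00" * 16 + b"4RESPATH=COMSPEC=*.COM\x00*.EXE\x004RES"
```

A hit is a lead for closer inspection, not a verdict; compare flagged files against known-good copies before replacing them.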