When an infected file is executed, the virus will install itself in
memory and reserves 2048 bytes for itself although its size is only
992 bytes. Virus hooks INT 13h, INT 20h and INT 21h.
Virus contains a counter which is incremented every time when a
disk is being written to or formatted. When the counter reaches
766, virus terminates the current program with INT 20h and
displays a message saying 'Virus in memory !!! Created by 21.I.1990
- PMG\OTME - Tolbuhin ...' and hangs the computer.
When an infected file is executed, the virus will infect one COM
file found in the current directory. Virus will not infect files
which are smaller than 416 bytes. It doesn't infect COMMAND.COM
If an infected file is executed on the 15th day of the month,
virus overwrites 9 sectors from the beginning of the disk and
hangs the machine.
Somewhat longer variants.