Cinderella II was found in the end of 1992 in Finland. It's partially based on the original Cinderella virus.
Cinderella II activates after it has infected 1000 files. At this time it tries to overwrite part of the hard disk but fails due a programming error. After this it prints the text "Cinderella II" until the machine is rebooted.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Description Created: Mikko Hypponen, F-Secure