F-Secure Virus Descriptions : Sandrine
Sandrine, a simple companion virus, spread through a file
called 486up.com which was supposed to improve a 486's
performance by 20 to 30%. Instead, it contained a simple 445
bytes long companion virus.
Sandrine took advantage of the fact that the DOS EXEC loader
executes a COM file before executing a similarly named EXE
file if both files are found in the same directory.
Sandrine virus has an activation routine, during which it
creates a file called SANDRINE.COM. This file contains the
text:
Sandrine Baillieux thoughts of you are in my mind
(c) 1994 by BrokenHeart
It seems that BrokenHeart was twice unlucky: Sandrine was
detected by a F-Secure anti-virus scanner in heuristic mode.
|
![](/images/pixel.gif"){kind=tracking}
