A rather nasty virus, which will activate if the computer has been turned
on for 48 hours. It will then display the following messages on the
screen:
Disk Killer -- Version 1.00 by COMPUTER OGRE 04/01/1989
Warning !!
Don't turn off the power or remove the diskette while Disk Killer is
Processing!
PROCESSING
I hope you will never see this appear - it sure means trouble, namely that
the virus has started to encrypt all the data on the hard disk (using a
simple XOR method). When finished, the virus will display this message:
Now you can turn off the power
I wish you luck !
If you see this message, start looking for a recovery program. You can of
course reformat the disk and restore everything from a backup, but it is
not necessary because the virus only encrypts everything on the disk, but
does not actually destroy anything. At least, this seems to have been the
intention of the author, but there are a few errors in the encryption code,
which may make recovery impossible.
Like some other boot sector viruses, Disk Killer hides in sectors it marks
as "bad" in the FAT. The infection/replication mechanism is very similar
to that used by other boot sector viruses - despite some early reports that
this virus was somehow more advanced than the rest. On a hard disk, the
virus will hide in the sectors just before the boot record. Disk Killer is
the first boot sector virus that is properly able to handle other sector
sizes than 512 bytes.
![](/images/pixel.gif"){kind=tracking}
