Virus.DOS.DiskKiller is a memory resident boot sector virus on DOS.


The virus encrypts the disk by alternately XORing sectors with 0AAAAh and 05555h, effectively destroying the information on the disk.

Like some other boot sector viruses, Disk Killer hides in sectors it marks as "bad" in the FAT. The infection/replication mechanism is very similar to that used by other boot sector viruses - despite some early reports that this virus was somehow more advanced than the rest. On a hard disk, the virus will hide in the sectors just before the boot record. Disk Killer is the first boot sector virus that is properly able to handle other sector sizes than 512 bytes.


The virus activates if the computer has been turned on for 48 hours. If rebooted, it will then identify COMPUTER OGRE and a date of April 1st and display the following message on the screen:

Disk Killer—Version 1.00 by COMPUTER OGRE 04/01/1989
Warning !! Don't turn off the power or remove the diskette while Disk Killer is Processing!
Now you can turn off the power I wish you luck !

If the system is turned off immediately it may be possible to salvage some files on the disk using various utility programs as this virus first destroys the boot, FAT, and directory blocks.


  • Ogre
  • Disk Killer.a
  • Virus/Boot:Disk Killer