[FakeSysdef] System Defragmenter aka Scan Disk aka Check Disk, A New Malware in Town

Initially it was “System Defragmenter“, then “Scan Disk” and now it’s called “Check Disk“. While the name will most certainly change again, the main goal of Trojan:Win32/FakeSysdef will surely remain the same: to trick you into buying a piece of software that does nothing except scare you with fake warnings, critical “errors” and other “problems”.

As the name suggests, this malware imitates a hard disk defragmenter. It will pretend to scan your computer for problems such as: it “checks” if your hard disk is working correctly, “defragments” it, and even checks the health status of your RAM and GPU (Graphic Processor Unit). Of course, once you start checking for problems using this ‘program’ it is going to “find” a bucketful of them:

• Bad sectors
• RAM fragmentation
• Registry errors
• Very high CPU/GPU temperature
• RAM failures

Apparently all those problems can be resolved by just running the “defragmentation” function on your hard drive; unfortunately that component is not “enabled” and to enable it you need to buy the full version of the product. You kind of expected that right?

If you choose not to buy the product, it will just stay in your status bar and will remind you every few minutes that your computer has problems that should be fixed.

Even though this malware is relatively new (only appeared 2 months ago) it has already passed through various iterations.