Trojan:Win32/FakeSysdef A.K.A "System Defragmenter" Surfaces

"Initially known as "System Defragmenter", then "Scan Disk" and now it's called "Check Disk". While the name will most certainly change again, the main goal of Trojan:Win32/FakeSysdef will surely remain the same: to trick you into buying a piece of software that does nothing except scare you with fake warnings, critical "errors" and other "problems".

As the name suggests, this malware imitates a hard disk defragmenter. It pretends to scan your computer for problems such as: it "checks" if your hard disk is working correctly, "defragments" it, and even checks the health status of your RAM and GPU (Graphic Processor Unit). Of course, once you start checking for problems using this 'program' it's going to "find" a bucketful of them," explains Microsoft MMPC.

Trojan:Win32/FakeSysdef

Below are example SHA1 hashes for the malware discussed in this blog:

cadacb248411c287822b2b09d6fff301a0f294a8
5a69f5fa043d2f5141226d10cb67d6d2a2d59f4a
d7195878d15c0e294101c5385b402b75885216f8

While writing this blog, a new version of the malware was encountered, "Win HDD" with the following SHA1:

1905DE84FBA23A9152317A7F7C0BE7D1B3F07D70

[Source]