Strictly on schedule a new fake system utility, Check Disk, has been launched on this weekend. Last week it was ScanDisk, and week before we had Ultra Defragger. It shows how fast malware creators create a new skins and names for their parasites. CheckDisk belong to family of rogues that try scaring you into buying their full version because of hardware errors rather than OS infections. To simulate that, they show various scare messages like these:
Bad Sectors on hard drive or damaged file allocation table – Critical Error
Hard drive does not respond to system commands – Critical Error
Requested registry access is not allowed. Registry defragmentation required
Read time of hard drive clusters less than 500 ms
32% of HDD space is unreadable
Bad sectors on hard drive or damaged file allocation table
GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash
Drive C initializing error
Ram Temperature is 83 C. Optimization is required for normal operation.
Hard drive doesn’t respond to system commands
Data Safety Problem. System integrity is at risk.
Registry Error – Critical Error
Windows can’t find hard disk space. Hard drive error
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.
A critical error has occurred while indexing data stored on hard drive. System restart required.
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.
Check Disk might also show various system alerts similar to its predecessors. To make users pay attention to these fake messages, some of the executed programs are stopped and it is claimed that they are not accessible on disk. These messages can be ignored – your hard drive is OK, your OS is not.
If Check Disk detected problems were real, system would not likely to boot or you would need to replace the defective hardware. Usually software fixes like disk defragmentation offered by this malware is not effective. The biggest issue is that CheckDisk will not do anything, even if you get registration key for it: it will just stop showing alerts, but no real optimization will be performed. So if you pay for this overpriced tool, you have wasted your money and gave away your credit card details for scammers.
Security researcher S!ri posted a registration key for CheckDisk : 0973467457475070215340537432225. It might not work with all versions of this malware, but it can make removal process a bit easier.
This family of rogues is not very aggressive, so you are able to launch programs after couple of tries anyway. As it uses %TEMP% for its execution location, cleaning your PC with CCleaner will likely to solve the main problem. However, we recommend scanning with spyhunter or Malwarebytes to doublecheck your system for trojan downloaders, that are underlying problem for CheckDisk alerts.
Automatic Malware removal tools