Skip to main content
Microsoft Security Intelligence
Published Sep 20, 2017 | Updated Sep 20, 2017


Detected by Microsoft Defender Antivirus

Aliases: Troj/Mogoa-A (Sophos) TR/RedCap.yogmm (Avira) W32/CCleaner.A!tr (Fortinet) Backdoor.Win32.InfeCleaner.a (other) Trojan/Win32.Floxif.C2150288 (AhnLab) Trojan.CChack.A (other) Backdoor.CCleaner!1.A3B5 (CLOUD) (Rising AV) Win32.Backdoor.Forpivast.B (other) Win32:TlsHack-A [Trj] (AVG) Win32:TlsHack-A [Trj] (other) Trojan.PRForm.A (other) BackDoor-FDQI!5AF11CBE6400 (McAfee) Trojan ( 005174a31 ) (other) TROJ_GEN.R038C0DIK17 (Trend Micro) Trojan.Sibakdi (Symantec) Win32/CCleaner.A (ESET) Win.Trojan.Floxif-6336251-0 (Clam AV) Trojan.PRForm.A (BitDefender) Trojan.PRForm.A (Ad-Aware) Trojan.PRForm.A (F-secure) Backdoor.CCHack (A) (other) Trojan.CCleaner.2 (Dr.Web) Artemis!Trojan (McAfee)


Microsoft Defender Antivirus detects and removes this threat.

The threat is a backdoor trojan that is related to the "trojanized" version of a third-party utility known as "CCleaner". If you have installed the infected or trojanized version of CCleaner, it's likely you'll have this threat detected on your machine.

Find out ways that malware can get on your PC.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us