Aliases: Troj/Mogoa-A (Sophos) TR/RedCap.yogmm (Avira) W32/CCleaner.A!tr (Fortinet) Backdoor.Win32.InfeCleaner.a (other) Trojan/Win32.Floxif.C2150288 (AhnLab) Trojan.CChack.A (other) Backdoor.CCleaner!1.A3B5 (CLOUD) (Rising AV) Win32.Backdoor.Forpivast.B (other) Win32:TlsHack-A [Trj] (AVG) Win32:TlsHack-A [Trj] (other) Trojan.PRForm.A (other) BackDoor-FDQI!5AF11CBE6400 (McAfee) Trojan ( 005174a31 ) (other) TROJ_GEN.R038C0DIK17 (Trend Micro) Trojan.Sibakdi (Symantec) Win32/CCleaner.A (ESET) Win.Trojan.Floxif-6336251-0 (Clam AV) Trojan.PRForm.A (BitDefender) Trojan.PRForm.A (Ad-Aware) Trojan.PRForm.A (F-secure) Backdoor.CCHack (A) (other) Trojan.CCleaner.2 (Dr.Web) Artemis!Trojan (McAfee)
Windows Defender Antivirus detects and removes this threat.
The threat is a backdoor trojan that is related to the "trojanized" version of a third-party utility known as "CCleaner". If you have installed the infected or trojanized version of CCleaner, it's likely you'll have this threat detected on your machine.
Use the following free Microsoft software to detect and remove this threat:
You should also run a full scan. A full scan might find hidden malware.
Get more help
If you’re using Windows XP, see our Windows XP end of support page.