Warning message... Link to action
Read about our in-depth analysis of a new high-volume campaign that marked the resurgence of notorious malware-as-a-service Hawkeye Keylogger. Read the blog post
Aliases: Troj/Mogoa-A (Sophos) TR/RedCap.yogmm (Avira) W32/CCleaner.A!tr (Fortinet) Backdoor.Win32.InfeCleaner.a (other) Trojan/Win32.Floxif.C2150288 (AhnLab) Trojan.CChack.A (other) Backdoor.CCleaner!1.A3B5 (CLOUD) (Rising AV) Win32.Backdoor.Forpivast.B (other) Win32:TlsHack-A [Trj] (AVG) Win32:TlsHack-A [Trj] (other) Trojan.PRForm.A (other) BackDoor-FDQI!5AF11CBE6400 (McAfee) Trojan ( 005174a31 ) (other) TROJ_GEN.R038C0DIK17 (Trend Micro) Trojan.Sibakdi (Symantec) Win32/CCleaner.A (ESET) Win.Trojan.Floxif-6336251-0 (Clam AV) Trojan.PRForm.A (BitDefender) Trojan.PRForm.A (Ad-Aware) Trojan.PRForm.A (F-secure) Backdoor.CCHack (A) (other) Trojan.CCleaner.2 (Dr.Web) Artemis!Trojan (McAfee)
Windows Defender Antivirus detects and removes this threat.
The threat is a backdoor trojan that is related to the "trojanized" version of a third-party utility known as "CCleaner". If you have installed the infected or trojanized version of CCleaner, it's likely you'll have this threat detected on your machine.