Skip to main content
Microsoft Security Intelligence
Published Oct 01, 2014 | Updated Sep 15, 2017


Detected by Microsoft Defender Antivirus

Aliases: Win32/TrojanDownloader.Hancitor.B (ESET) W32/TINBA.BRI!tr (Fortinet) TROJ_TINBA.BRI (Trend Micro)


Microsoft Defender Antivirus detects and removes this threat. The threat is a trojan that tries to connect to a remote server. It can then download and run other files, which might be more malware.

Typically, this threats gets onto your PC as a result of a drive-by download attack. It can also be installed if you visit a compromised or hacked webpage or use an infected removable drive.

Find out ways that malware can get on your PC.  

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Use cloud protection

Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Microsoft Defender Antivirus for Windows 10. 

Go to Settings > Update & security > Windows Defender > Windows Defender Security Center > Virus & threat protection and make sure that your Cloud-based Protection settings is turned On.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us