How to remove “HackTool.Binder”?

HackTool.Binder is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the HackTool.Binder virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to remove evidence of file being downloaded from the Internet
  • Installs itself for autorun at Windows startup
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify HackTool.Binder?


File Info:

crc32: 745B025D
md5: cfe04dd5385eba6554b760b91cc5d4d3
name: 5623198.jpg
sha1: 48f9f5399eed5ae993ce2ff50bf74afa7da25834
sha256: e68dc0aedfba364da07032a79da5d5e71c0bc47b8676a143ae4ce5cd95c30ef5
sha512: 177a4e93bd4ee7b5a6bfd28dc8131da1fe282e142b55e46bec3d6de847b88058eb7ec972e1f99c334b1c5f60bb4a97013a6d5e71cea31bae006592b7ebe58ccd
ssdeep: 24576:Gt7Yh23Pl/JPzliNZxmGfeHi7YmJXFsoPvWZ:Ghv3NBlq3mGfeHE5Fso3W
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

HackTool.Binder also known as:

Bkav W32.GenericBinderLnr.Trojan
MicroWorld-eScan Dropped:Trojan.GenericKDZ.59687
FireEye Generic.mg.cfe04dd5385eba65
CAT-QuickHeal VirTool.Vbinder.CO5
ALYac Dropped:Trojan.GenericKDZ.59687
Malwarebytes HackTool.Binder
SUPERAntiSpyware Trojan.Agent/Gen-Binder
K7AntiVirus Trojan ( 004babd11 )
Alibaba HackTool:Win32/Binder.ec56d5e5
K7GW Trojan ( 004babd11 )
Cybereason malicious.5385eb
Invincea heuristic
BitDefenderTheta Gen:NN.ZexaF.32250.fvW@aWTLD1iG
Cyren W32/Backdoor.FVDJ-1096
Symantec SMG.Heur!gen
TotalDefense Win32/Tnega.AGBZ
Baidu Win32.Trojan-Dropper.Binder.m
APEX Malicious
Paloalto generic.ml
ClamAV Win.Trojan.Binder-6
Kaspersky HackTool.Win32.Binder.bs
BitDefender Dropped:Trojan.GenericKDZ.59687
ViRobot Trojan.Win32.A.Swisyn.49120
Ad-Aware Dropped:Trojan.GenericKDZ.59687
Sophos Mal/Generic-S
Comodo TrojWare.Win32.TrojanDropper.Binder.cls@4m6ovz
F-Secure Heuristic.HEUR/AGEN.1026512
DrWeb Trojan.MulDrop2.39589
VIPRE Trojan-Dropper.Win32.Binder.bs (v)
TrendMicro TROJ_BINDER_FC1700C9.UVPA
McAfee-GW-Edition BehavesLike.Win32.Generic.tc
Trapmine malicious.high.ml.score
CMC HackTool.Win32.Binder!O
Emsisoft Gen:Variant.Binder.1 (B)
SentinelOne DFI – Malicious PE
Jiangmin HackTool.Binder.bh
Avira HEUR/AGEN.1026512
Antiy-AVL Trojan[PSW]/MSIL.Heye
Endgame malicious (high confidence)
Microsoft VirTool:Win32/Vbinder.CO
AegisLab Hacktool.Win32.Binder.lo77
ZoneAlarm HackTool.Win32.Binder.bs
GData Win32.Trojan.Binder.A
AhnLab-V3 HackTool/Win32.Vbinder.R12127
Acronis suspicious
McAfee Trojan-FDDZ!CFE04DD5385E
VBA32 Binder.Celesty
ESET-NOD32 Win32/TrojanDropper.Binder.NBH
TrendMicro-HouseCall TROJ_BINDER_FC1700C9.UVPA
Rising Dropper.Binder!1.AEB1 (CLASSIC)
Yandex HackTool.Binder!IMtdREcP3/k
MAX malware (ai score=84)
Fortinet W32/Dropper.NBH!tr
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Trojan.Hacktool.4af

How to remove HackTool.Binder?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
