Discussion in 'Trojan Defence Suite' started by wesleytheant, Jan 8, 2004.
TDS has found a Binded.Hir.20.
Anyone know what this is?
Thanks and standing by...
Hello Wesley and welcome.
In the TDs helpfile there is a part about binded executables, whish is very informative.
Part of it
"TDS-3 knows of all the hacker techniques used to 'hide' a trojan server from their potential victims. Binding/Joining a file to another is one of them. What a Binder does is actually combine more than two files to make one. For example, a ZIP file can contain 3 or 4 files inside. Yet it is one file."
Interesting to read. So your binder is one of the used variants. also look in the helpfile in the Advanced deep search.
Make sure you have the last database, and check all options in the TDS scan options to see what is the file about.
Binded.Hir 2.0 (EditServer) is the trojan binder application and is not dangerous itself. It can be used to join files together.
If you have a file detected as Hir 2.0 (Variant) then it is the PRODUCT of the binder, and is a malicious application (bound trojan) which drops a trojan. I recommend sending such files in before deletion just in case.
Thanks again; you guys are great.
Separate names with a comma.