@RRaymond54321 You might want to check your hosts files. It never hurts to do that. The below instructions are for Bittrex but it would be the same for Binance:
Start a command prompt as administrator and issue the following command
on a normal system, it should look like this: http://imgur.com/a/VYsXQ
If it has an entry for bittrex, you are hacked. It will look like this http://imgur.com/a/bcRa6 this is what it would look like if they redirected bittrex to another IP address on your computer, since windows checks this file first before querying DNS (Domain Name System) for the IP Address of bittrex.com.
If it has some random IP address in there, this is the place that stole your money. You can trace the IP Address owner and submit a report to police/interpol/justice league/the guy who owns the ip address. Most likely it will be some internet cafe in Shanghai or India and that’s where the trail will go cold.
if the hosts file looks normal, open regedit.exe and check the registry key at:
^ this is where windows host file location is specified and this is where windows will look for the host file it uses to resolve names (www.bittrex.com) to addresses (220.127.116.11 <- their actual ip) for your browser to actually connect to.
it should look like this http://imgur.com/a/Ius1v if it isnt identical to the example I provided, you are hacked
if it doesn’t point to “%SystemRoot%\System32\drivers\etc” then they have created a fake hosts file somewhere else on your system (the new path specified in the registry key), and this is truly some next level hacking shit, because your adversary is employing stealth to mask their activities.
Another easy way to tell is to compare the results of a ping command (which uses hosts + dns) to the results from nslookup (which uses only DNS). If there is a mismatch (ping is hitting a server not listed in the results of nslookup) then this is a huge red flag. Example: http://i.imgur.com/FRZ1dOt.png
here is an example of what it would look like if bittrex.com is redirected to 18.104.22.168 in the hosts file: http://imgur.com/a/ZPAtc hosts file: http://imgur.com/a/uFJiA
If this is the case you will want to take the system down to bare metal, blow away the OS, flash the motherboard, flash any firmware you can with known good copies, etc before you use it for anything else.