So today and now my laptop got infected.
All my icons are Among Us.
Every time I restart my laptop I get an autorun worm.
OK, so I decided to run a VirusTotal scan on any icon I have and this happened:
edit:
the user info
The guy named Ytzmo runs a Discord server where he provides free Discord Nitro,
and yes, the RAT has been running for a while.
The dump is using NJRAT.
The file is fully undetected.
once you click it you will see this on your startup
check the results here
I’d recommend just resetting fully; most of your files are probably bound with malware.
The malware itself is GitHub · Where software is built, I am pretty sure. As there is not much information on the GitHub page, my friend says it runs NJRat; however, the version you have could be another variant, as this Mbr-Builder modifies the MBR to display a custom message.
This will be a bad move if he starts the ransomware first, before he transfers all the files, because he cannot access his PC after destroying it. Also, njRAT's source code was leaked, so if he finds a way to decompile the stub (stub.exe) to look for full information such as DDNS and IP addresses, he can escape if he finds all the files which were infected (copied) from Synaptics.exe. As we know, Synaptics isn’t the big problem; it only replaces already existing executables with a fake virus and autorun. ← just an option from the RAT. Another problem is the obfuscation, but it may be easy because the source code is already published and you can deobfuscate the details.
**Also, using free shit tools like Discord Nitro is malicious.**