sur ce post (merry-crypto-ransomware-t56874.html) tu as écris qu'on pouvais utiliser MBAM pour virer "merry" mais je croyais que MBAM (la v2 en tout cas mais je pense que la v3 est pareil) ne détectait pas les scripts?
voilà ce qu'il écrivent sur leur forum:
Malwarebytes' Anti-Malware ( MBAM ) does not target scripted malware files. That means MBAM will not target; JS, JSE, PY, .HTML, VBS, VBE, WSF, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc.
It also does not target media files; MP3, WMV, JPG, GIF, etc.
Until MBAM, v1.75, MBAM could not access files in archives but with v1.75 came that ability so it can unarchive a Java Jar (which is a PKZip file) but it won't target the .CLASS files within. Same goes with CHM files (which is a PKZip file) but it doesn't target the HTML files within. MBAM v1.75 and later specifically will deal with; ZIP, RAR, 7z, CAB and MSI for archives. And self-Extracting; ZIP, 7z, RAR and NSIS executables (aka; SFX files).
MBAM specifically targets binaries that start with the first two characters being; MZ
They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these files types can be renamed to be anything such as; TXT, JPG, CMD and BAT and they will still be targeted just as long as the binary starts with 'MZ'.