Wallet virus bitcoin extortion and decryption SQL database repair case


About AET A kind of Copyright declaration A kind of Collection site A kind of Website map Welcome to Hefei's Mdt InfoTech Ltd website.
National 24 hour expert Hotline 400-668-9959
 15 years successfully solved all kinds of data recovery problems for more than 20000 customers.

Are you looking for: Data lost retrieved Database repair RAID5 data recovery U disk data recovery

Service hotline: 400-668-9959

Telephone: 0551-6366-0899

Mailbox: 985205888@qq.com

Address: Room 1817, building 6, cyber Plaza, Mount Huangshan Road, Shushan District, Hefei.

    Wallet virus bitcoin extortion and decryption SQL database repair case

    Bitcoin ransom virus in SQL database How to restore and how to decrypt?

    Client unit: Zero unit of a Chinese Medicine

    Case scenario: The user core business server is attacked by Wallet virus, Sql The name of the Server2008R2 database file is modified, added to the extortion mailbox, and ended with Wallet. The details are shown below: the file is encrypted, the file is encrypted through the WINHEX viewer, the underlying file is modified, the database is queried (suspected), the core business service is stopped, the situation is urgent, the user is contacted with the software supplier, and the on-site engineer has never seen such a case. Contact (our old customer) to judge that the ransom virus is encrypted. It is recommended that customers break the network immediately, copy the database files, prepare backup files, and repair the database files.

     QQ picture 20170428141202.png

    Operating environment: Windows service2008 system, do RAID5, SQL2008R2 database

    Recovery time: April 5, 2017

    Decryption recovery Analysis:

    1. view the underlying structure of the database file:

     QQ picture 20170428141233.png

    2. the user provided an earlier bak file and restored the database to see the database table structure (a total of 1138 Zhang Biao).

    3. use the existing table structure to restore the database files damaged by virus, and export all the data tables to the previously prepared empty libraries.

    4. data query is accurate, part of the table structure is seriously damaged, developers regenerate, software function is used normally, database repair is successful. At this point, SQL database Wallet bitcoin extortion virus, encrypted MDF file successfully restored.

     QQ picture 20170428141305.png

    Ransom virus in database Summary of recovery:

    1. unwittingly, "virus code", all documents in the machine have been modified "look", do not panic, and there are solutions at present.

    To find a hacker to pay ransom, decrypt, such a high cost, there are risks, but important data have to try;

    Second, find intermediary agent decryption, pay ransom + intermediary fees, high cost, the risk borne by the intermediary, of course, to sign a contract, agreed not to successfully refund, or no success, no charge, otherwise there may be intermediary pit;

    (3) to restore the company to repair, at present, our SQL/ORACEL/ database can be repaired, which is far lower than the ransom, and the success rate is very high, but there are not many companies that can recover.

    4. Cracking down on decryption. It is understood that there are no successful cases in the industry and good news is expected.

    2. when you encounter this kind of situation, do not "rush into the doctor", avoid being again pit, break the network, do not have other unencrypted U disk, mobile hard disk and other storage medium, contact us in time: 13305512885, we will try to help you decipher / restore data at the lowest cost, and get the latest information.

    3. protect the source files from being destroyed for two times, or log in to our website. zycscdp.cn Understand the latest information about bitcoin ransom virus.

    * Indicating necessary For more details of the service, please leave your contact information.
    * Contacts: Please fill in your real name.
    Corporate name: Please fill in the name of your company.
    Contact number:
    * Phone number: Please fill in your contact number.
    Contact address:
    * Description of purchasing intention:
    Please fill in Consultation The quantity and description of the products are convenient for us to make stock.
    * Verification Code:  Verification Code

    Related information

    Messages Online diagnosis Input the contact way, the professional customer service team will contact you in 15 minutes.

    567彩票 下载 北斗棋牌全部版本 下载星云娱乐斗地主 中彩网投注为什么不花钱 双色球11进制定胆技巧 乐彩3d论坛手机17500 乐彩网17500双色球出球顺序 七乐彩7十1开奖结果 284彩票网址 3d172前后关系