全国免费热线: 400-666-3702
导航菜单

成功案例

勒索病毒数据恢复

南京某旅游公司erp数据库中勒索病毒,sqlserver数据库无法打开,文件后缀为GDCB

经过南京兆柏数据恢复工程师的分析,通过客户老的备份文件成功数据客户数据库,数据库正常打开。

月28日,后缀GDCB病毒解密服务器被Bitdefender破解,目前可以免费恢复数据。而在3月6日今天,正瑛科技获得病毒最新变种。最新变种会在感染计算机后加密特定格式的文件,会在文件名添加上CRAB后缀,并在每个文件夹下生成CRAB-DECRYPT.txt说明信息。病毒传播方式及原理请查阅我司另外技术文件,注意预防此最新变种。

CRAB-DECRYPT内容如下:

---= GANDCRAB =---

Attention!
All your files documents, photos, databases and other important files are encrypted and have the extension: .GDCB
The only method of recovering files is to purchase a private key. It is on our server and only we can recover your files.
The server with your key is in a closed network TOR. You can get there by the following ways:
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in tor browser: http://gdcbmuveqjsli57x.onion/234d6f08ca0902eb
5. Follow the instructions on this page

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.

If you can't download TOR and use it, or in your country TOR blocked, read it:
1. Visit https://tox.chat/download.html
2. Download and install qTOX on your PC.
3. Open it, click "New Profile" and create profile.
4. Search our contact - 6C5AD4057E594E090E0C987B3089F74335DA75F04B7403E0575663C26134956917D193B195A5
5. In message please write your ID and wait our answer: 234d6f08ca0902eb