drogo@tfwno.gf Bitcoin ransomware encryption recovery

A new Bitcoin ransomware strain has appeared recently. Its ransom note reads:

  ====== Attention! ======

All your files, documents, photos, databases and other important files are encrypted and have the extension: 3FB27E87-5A65-684C-C56C-91BB59DFC0B8

You are not able to decrypt it by yourself!
The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

To be sure we have the decryptor and it works you can send an email drogo@tfwno.gf (reserve drogo10@protonmail.com) and decrypt one file for free.
But this file should be of not valuable!

Do you really want to restore your files?
Write your rersonal ID to email drogo@tfwno.gf

Your personal ID: 3FB27E87-5A65-684C-C56C-91BB59DFC0B8

Attention!   
 * Do not rename encrypted files. 
 * Do not try to decrypt your data using third party software, it may cause permanent data loss.  
 * Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

After encryption, the files look like this:




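We recovered at the database level: the database can be opened, and the data can then be exported with exp/expdp. Once recovery is complete, the database can be used directly.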
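For scoping the damage before the database-level recovery, the following added example (not part of the original post) parses the ransom note for the personal ID and contact addresses and counts the files under a directory whose extension matches that ID. It assumes the ID is appended to the original file name after a dot; the function names are hypothetical.

```python
import os
import re
from collections import defaultdict

# Extension/ID shape taken from the note: 8-4-4-4-12 hex characters.
GUID = r"[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}"
EXT_RE = re.compile(r"\.(" + GUID + r")$")   # assumption: "<name>.<ID>"
ID_RE = re.compile(r"Your personal ID:\s*(" + GUID + r")")
MAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def parse_note(text):
    """Return (personal_id, sorted contact addresses) from a ransom note."""
    m = ID_RE.search(text)
    return (m.group(1).upper() if m else None,
            sorted(set(MAIL_RE.findall(text))))


def find_encrypted(root):
    """Map each GUID-shaped extension under root to the files carrying it."""
    hits = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            m = EXT_RE.search(name)
            if m:
                hits[m.group(1).upper()].append(os.path.join(dirpath, name))
    return dict(hits)


def triage(root, note_text):
    """Count files whose extension matches the note's ID, and list other IDs."""
    victim_id, contacts = parse_note(note_text)
    hits = find_encrypted(root)
    return {
        "id": victim_id,
        "contacts": contacts,
        "matching": len(hits.get(victim_id, [])),
        # A second ID on the same host suggests more than one encryption run.
        "other_ids": sorted(k for k in hits if k != victim_id),
    }
```
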




Large number of wri$_rcs tables in the recycle bin


Author: 惜分飞 © All rights reserved [Reproduction in any form without my consent is prohibited; I reserve the right to pursue legal liability.]

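During a health check of an Oracle 12.1.0.2 database, a large number of tables named WRI$_RCS_<number>_1 were found in the recycle bin. Judging by the naming, these tables appear to be left behind by an Oracle automatic task that did not clean up properly, so they remain in the recycle bin.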


A search of MOS confirms this is Bug 20114306 – Objects left in recyclebin after upgrade to 12.1.0.2 or with fix for bug 16851194 present – superseded (Doc ID 20114306.8)

You can try applying patch 21498770 or 23100700 and then setting _fix_control:

alter system set "_fix_control"='16851194:off' ;

To confirm whether this _fix_control can be set, query the v$system_fix_control view.