Subject Re: [firebird-support] Recover database encrypted by trojan (Dharma)
Author Ann Harrison
> On Jun 6, 2018, at 6:06 AM, Volker Cordes vc@... [firebird-support] <firebird-support@yahoogroups.com> wrote:
>
> Hello,
>
> a customer of ours got himself a trojan that led to his databases
> (Firebird 2.5) getting encrypted. I looked at the files with a text
> editor and found that they do not look entirely encrypted. Most of the
> files contain (human) readable text so that I think only the file
> header has been encrypted because gfix won't recognise the file as a
> valid database. Is there a chance that someone who knows the file format
> could look at the files and see if there's a chance of getting the data
> back?
>

IBPhoenix has the tools to fix this type of corruption, I think. The invaders only encrypt the first hundred pages or so. Those pages are usually just metadata which is pretty stable. It takes a bit of tweaking to the header page to sort out the transaction state. Contact Paul Beach.

Good luck,

Ann
> --
> Tel: +49 (0) 4489 408753
> Fax: +49 (0) 4489 405735
> mailto: vc@...
>
> freeline Datentechnik GmbH & Co.KG
> Wiekesch 1
> 26689 Apen
> www.freeline-edv.de
>
> Amtsgericht Oldenburg HRA 203347
> General partner: freeline Holding GmbH, Amtsgericht Oldenburg HRB 206967
> Managing directors: Volker and Tobias Cordes
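Added example, not part of the original thread and not IBPhoenix's tooling: a read-only triage script that estimates how many leading pages of a damaged database file look encrypted, using per-page byte entropy. The 4096-byte page size, the 7.5 bits/byte threshold, the run of 8 clean pages and all function names are assumptions chosen for illustration, and the sample pages are constructed.

```python
import math
import random
import sys
from collections import Counter

PAGE_SIZE = 4096   # assumption: the encrypted header page can no longer tell us
THRESHOLD = 7.5    # assumption: bits/byte above which a page "looks encrypted"

def page_entropy(page: bytes) -> float:
    """Shannon entropy of one page in bits per byte (0.0 to 8.0)."""
    n = len(page)
    return -sum(c / n * math.log2(c / n) for c in Counter(page).values())

def read_pages(path, page_size=PAGE_SIZE):
    """Yield pages from a file opened read-only; work on a copy of the database."""
    with open(path, "rb") as fh:
        while page := fh.read(page_size):
            yield page

def encrypted_prefix_length(pages, threshold=THRESHOLD, clean_run=8):
    """Count leading pages up to the last high-entropy page seen before
    `clean_run` consecutive low-entropy pages. Heuristic only: pages full of
    compressed data are also high-entropy, so scanning stops at the first
    long clean run instead of flagging isolated pages deeper in the file."""
    last_hit, run = -1, 0
    for i, page in enumerate(pages):
        if page_entropy(page) >= threshold:
            last_hit, run = i, 0
        else:
            run += 1
            if run >= clean_run:
                break
    return last_hit + 1

def make_sample(n_encrypted, n_plain, page_size=PAGE_SIZE):
    """Constructed data: pseudo-random pages followed by readable row-like pages."""
    rng = random.Random(2018)
    row = b"CUSTOMER;Example GmbH;Sample street 1;"
    plain = (row * (page_size // len(row) + 1))[:page_size]
    enc = [bytes(rng.getrandbits(8) for _ in range(page_size))
           for _ in range(n_encrypted)]
    return enc + [plain] * n_plain

if __name__ == "__main__":
    pages = read_pages(sys.argv[1]) if len(sys.argv) > 1 else make_sample(100, 20)
    print("pages that look encrypted from the start of the file:",
          encrypted_prefix_length(pages))
```

If the reported count changes sharply when rerun with a different `PAGE_SIZE`, the assumed page size is probably wrong for that file.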