… besides, I read the post on the
German security software company G DATA has released a vaccine that prevent STOP Ransomware from encrypting victim files AFTER infection
I also noticed that the “Personal ID:” in the text files created in each directory is the same as the ID in the “PersonalID.txt” file except for the first 9 characters (0405JUsjd was added to the beginning of the ID)
Another strange thing is that my laptop has 2 disks. the VS: drive is where the operating system is located and the D: drive is where I keep most of my files. the VS: drive files ARE NOT crypt.
I also had a portable drive and all these files are encrypted.
All this took place yesterday February 26, 2022 around 3:00 p.m. I was setting up another laptop and got a file from the now infected laptop, to install a program on the new laptop. Most of the work I did with the file was on the infected laptop (unpacking, moving the file, etc.) so the new laptop wouldn’t be infected.
I’m not sure I understand the information on the EMISOFT website…
To be clear, for each type of file (doc, docx, xls, xlsx, png, etc.) you want to decrypt, you also need to download an encrypted and unencrypted pair to form the service
Does this statement suggest that the file encrypted with an ONLINE key could be decrypted?