07/02/17. Version 1.0.0
- Run RecoverPopCorn.exe on the infected computer.
- If the computer is infected by the most common PopCorn variant, the field should be filled automatically with the local path to the ransomware itself. If not, the computer is not infected with a known variant. If it is not filled up automatically and you know where the ransomware executable may be, select it with the “File…” dialog.
- Click on the “Code decryptor”. A string should appear in the lower panel.
- Copy and paste it into the ransomware recue window.
- Wait for the ransomware to unlock all your files. It will remove itself from the system, but you are advised to check your system with some antivirus program.