Apparently, Lick Ransomware might deceive users by pretending to be a decryption tool. Sadly, while the user waits for his files to be decrypted, the malicious application actually encrypts them. It would seem the malware’s creators are quite greedy as they demand users to pay from fifty to five hundred Monero, which is another digital currency similar to Bitcoins. At the moment of writing one Monero costs approximately 21 US dollars, so the ransom can vary between one thousand and ten thousand US dollars. Obviously, you have to decide if the encrypted files are worth to risk losing such amount of money because no one can assure you the infection’s creators will give you the actual decryption tool. After all, they did manage to trick you once already. Under such circumstances, we recommend removing the malware instead of paying. If you have no idea how to eliminate Lick Ransomware, just scroll below the text and follow the recommended deletion steps.
Our researchers say the malicious application could be downloaded by inexperienced users who believe it to be a decryption tool since Lick Ransomware’s launcher might be titled as FileDecrypter.exe. It looks like this malicious file could be distributed either through harmful web pages or Spam emails. If you opened this executable without even thinking it could be dangerous, we would advise you to be more careful the next time. Each file downloaded from an unreliable website or received from an unknown sender via email should be scanned with a reliable antimalware tool before it is launched. If you do not have such a tool yet, we urge you to consider acquiring it as it might protect your computer and data on it from similar threats in the future.
Right after opening the malware’s launcher Lick Ransomware should display a pop-up window called FileDecrypter | v184.108.40.206. The message in it might say “File Decrypter is initializing for your system. This may take some time. Click ‘Ok’ to close this dialog box and wait for the ‘Finished’ to popup.” Unfortunately, if you wait till the mentioned pop-up shows up, the files on your computer might be already encrypted with a secure cryptosystem. Each enciphered file should be marked with .licked extension, e.g. a Microsoft Word document could look like speech.docx.licked. Besides text documents, the malware can encrypt photos, videos, music files, images, archives, and other data too.
After the encryption, the infection could also drop a couple of documents containing the ransom note: RANSOM_NOTE.txt, ERRORLOG.txt. The message explains the whole situation in detail and instructs users on how to make the payment if they want to receive a decryption tool that could decipher files affected by Lick Ransomware. As we said before, the decryption program is not so cheap and there are no guarantees you will get it. Therefore, we advise not to waste your money on a tool you may never receive. Instead, we recommend erasing the malicious application. It will not decrypt its enciphered files, but it will be safer for the system.
Once the threat is deleted, you could safely retrieve copies from removable media and so recover at least some of your data. Users could try to eliminate Lick Ransomware manually according to the instructions placed below, but since there might be more harmful applications on the computer, it might be best to employ a legitimate removal tool that could take care of all possible threats at the same time.