1 of 3
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Lick Ransomware

Lick Ransomware appears to be a clone of a recently created dangerous file-encrypting application called Kirk Ransomware. However, this time the cyber criminals thought of a new way how to convince their victims to install the malware. It appears to be they made the threat available through harmful file-sharing sites where it is offered as a decryptor. Unfortunately, the malicious program has an opposite effect on user’s data, so if you launch this fake tool, it will most likely lock all your files on the computer. In this situation, it would be extremely helpful to have a backup you could use because paying the ransom is a highly risky option and we are firmly against it. You can learn more about Lick Ransomware if you continue reading the text. Also, should you decide to remove this threat, you could slide below the article and use the provided deletion instructions.

The malicious program is launched when the user opens an executable file named as filedecrypter.exe or similarly. To convince the user Lick Ransomware is a tool and not an infection the threat should open a fake program window. Besides, it could also show a pop-up message claiming the so-called decryptor is working, but it might take some time. In reality, the malware is checking data on the computer and looking for files it could encrypt. As the research shows, the ransomware should be able to lock a lot of different file types. For example, it could damage data with the following extensions: .jpg, .png, .gif, .zip, .rar, .exe, .mp3, .mp4, .mov, .avi, .mkv, .txt, .pdf, .docx, .doc, .html, .php, .xhtml, .ppt, .xls, .xlsx, and many others.

According to the cyber criminals themselves, their created malicious program should target more than six hundred different extensions. Since the fake decryptor can damage executable files, it is possible that some of the user’s installed applications might stop working. Nevertheless, the infection needs you to be able to see the ransom note so the threat’s creators could convince you to pay a ransom. Therefore, Lick Ransomware should not damage any files belonging to the operating system. In any case, you can easily recognize locked data from the second extension (.licked) it applies to each encrypted file.

Moreover, while your data is being encrypted the malware may place a couple of files on the system. One of them could be named as pwd. It might contain a unique password needed for decryption, but the file is locked too, so you will have no use for it. Documents called stats.txt or ERRORLOG.txt might contain lists of locked data and so on. Lastly, the malicious program should open a text document named RANSOM_NOTE.txt. As you probably already guessed from its title, the document provides a message with the cyber criminal’s demands.

It appears to be the infection’s developers want their victims to pay a ransom in a digital currency similar to Bitcoin; it is called Monero. The price for the first two days of the infection is 50 Monero or approximately $1035. Later the ransom only increases until it becomes 500 Monero. Clearly, even if you transfer the money, there are no reassurances the cyber criminals will hold to their end of the deal. Thus, if you do not want to risk being tricked once again, we advise you to ignore the ransom note and get rid of Lick Ransomware as soon as possible. If you have any copies on an external hard drive, flash drive, or anywhere else besides the infected computer you could use these copies to recover your data, but first it is important to secure the system.

If you received this malicious program while looking for a decryption tool, you probably did so because of other threats on the system. Erasing multiple infections might be rather complicated, especially if you do not have much experience in these matters. For this reason, our specialists advise using a trustworthy removal tool that could eliminate malware automatically instead of dealing with Lick Ransomware and other possible threats manually. Of course, if you believe you can handle this task, you could try to follow the instructions placed below, just keep it in mind they can help you erase only this particular ransomware. As for other possible malware, you would have to look for more manual deletion instructions or simply install a legitimate antimalware tool and let it clean the system for you.

Remove Lick Ransomware

  1. Press Win+E.
  2. Look for the malicious program’s installer (e.g. filedecrypter.exe), right-click it and choose Delete.
  3. Insert %TEMP% into the Explorer and click Enter.
  4. Find a folder with a title from random digits and letters, right-click it and select Delete.
  5. Search for other files related to the malware, such as RANSOM_NOTE.txt, ERRORLOG.txt, stats.txt, PWD.
  6. Right-click such files separately and click Delete.
  7. Exit the Explorer and empty Recycle Bin.
  8. Reboot the system.
Download Spyware Removal Tool to Remove* Lick Ransomware
  • Quick & tested solution for Lick Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.