Click on screenshot to zoom
Danger level 5
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Satan’s Doom Ransomware

It appears to be cyber criminals do not rest even during the holiday season as Satan’s Doom Ransomware was spotted right before Christmas. The malware encrypts private data it finds on the infected computer and leaves a ransom note asking for payment. It is difficult to say how widely it was or still is being distributed since the only sample our researchers managed to obtain does not even work correctly. Nonetheless, we were able to obtain some vital information about the malicious application, and if you want to learn more about it too, we encourage you to read the rest of our article. At the end of it, users can find instructions showing how to remove the threat manually. Naturally, if such a task looks a bit too difficult for you, it would be safer to employ a reliable antimalware tool and let it deal with Satan’s Doom Ransomware for you.

It is most likely that Satan’s Doom Ransomware travels with Spam emails or slips in because of unsecured Remote Desktop Protocol (RDP) connections. Either way, its appearance on the computer signals the device might be vulnerable to infections and unprotected. To strengthen it first we would suggest installing a reliable antimalware tool that could alert about potential threats and help you deal with them. One more way to make the system stronger is to change weak passwords and update all outdated software, especially the operating system and security tools. Moreover, it would be advisable to avoid suspicious email attachments received from unknown senders and stay away from torrent or other file-sharing web pages since from them you could download malicious setup files carrying infections similar to Satan’s Doom Ransomware, and so on.

Provided the malicious application manages to settle in it should lock most of the user’s personal files. During the process, the enciphered files’ names should remain unchanged, but to mark such data the malware may append .locked extension, for example, picture.jpg.locked, text.docx.locked, etc. Sadly, afterward, the user should be unable to open any of the marked files as it cannot be done without a unique decryption key, which is in possession of the cyber criminals behind Satan’s Doom Ransomware. To extort money from users, the infections creators could suggest paying a ransom in exchange for the needed decryption tools. This proposition can be seen in a text document called READ_IT.txt that the threat should drop after the encryption process. Also, a similar message might be seen on a replaced Desktop wallpaper. Not to mention, a full ransom note should be displayed on the locked computer’s screen.

From the instructions seen on the locked computer’s screen, it seems Satan’s Doom Ransomware’s developers want to get 250 US dollars from each user who encounters it. There are also special conditions, such as the ransom gets doubled if the user does not pay in in two days and then again after seven days. Besides the message explains how the payment can be made and how to contact the cyber criminals behind the malware. Of course, we do not recommend doing any of those things as there is a possibility the malicious application's creators could trick you. No matter how friendly they may sound, in reality, there is not knowing if they will deliver the promised decryption tools.

For users who do not want to risk being scammed, we would advise erasing Satan’s Doom Ransomware. Its deletion cannot restore encrypted data, but if you have copies of such file on some removable media device or cloud storage, you could simply replace the locked ones with copies. Just to make sure it is safe to do so, it might best to eliminate the infection first. Those with more experience could try to do so manually while following our removal instructions available a bit below this text. As for users who find the task too complicated or difficult we would recommend employing a reliable antimalware tool instead. It can be downloaded as soon as you unlock the screen and the first step of our instructions will explain how to do so.

Eliminate Satan’s Doom Ransomware

  1. Enter the following hardcoded password into the specific box on the locked screen: 63uh2372gASd@316.
  2. Press Ctrl+Alt+Delete.
  3. Go to the Task Manager.
  4. Find the malware’s process.
  5. Mark this process and click End Task.
  6. Exit Task Manager.
  7. Tap Win+E.
  8. Navigate to:
  9. See if you can find the malicious file that infected the system.
  10. Right-click the suspicious file and press Delete.
  11. Navigate to: %TEMP%
  12. Look for a randomly named executable file, right-click it and select Delete.
  13. Then find and erase files titled READ_IT.txt.
  14. Close File Explorer.
  15. Empty your Recycle bin.
  16. Reboot the system.
Download Spyware Removal Tool to Remove* Satan’s Doom Ransomware
  • Quick & tested solution for Satan’s Doom Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.