Satan’s Doom Ransomware

What is Satan’s Doom Ransomware?

Satan’s Doom Ransomware is a malicious program that encrypts user’s data and locks the screen by displaying a message illustrated with pictures from the Blizzard Entertainment game series called Diablo. In exchange for decrypting the user’s files the hackers who created the infection demand for a payment of $250. If the user does not manage to pay it in two days, these people threaten to double the price. Nonetheless, we advise you not to rush as you could later regret your choice. Keep it in mind; no one can guarantee the hackers will want to or will be able to decrypt your data. In other words, while you may keep up to your end of the deal the malware’s creators might not, and if this happens, you will lose transferred money in vain. This is why we encourage users not to put up with any demands and erase Satan’s Doom Ransomware with the instructions provided at the end of this report.

Where does Satan’s Doom Ransomware come from?

Our researchers at Anti-spyware-101.com think Satan’s Doom Ransomware could travel with malicious email attachments or other harmful files downloaded from untrustworthy sources. Therefore, to protect the device from such malicious programs we recommend taking extra precautions with data received from P2P file-sharing web pages, Spam emails, and so on. For instance, before opening a suspicious file, the user could scan it with a chosen antimalware tool. This way if the downloaded data is harmful the tool should notify the user about it and stop it from infecting the system.

How does Satan’s Doom Ransomware work?

Satan’s Doom Ransomware is a file-encrypting malicious program, so once it enters the system, it should locate all targeted files and encipher them with a secure cryptosystem. According to our researchers, the malware might be after user’s photographs, various documents, videos, archives, and so on. The victim can easily recognize encrypted files by looking at their extensions, since data that was affected should have an additional one called .locked, e.g., panda.jpg.locked.

What’s more, if the threat infects the device it may create a copy of its launcher in the %TEMP% directory and place a short ransom note called READ_IT.txt. However, once the user’s data gets enciphered the malicious program should lock the screen and display a more extended ransom note on top of it. As we said in the beginning, in it the hackers who created Satan’s Doom Ransomware ask their victims to pay $250 right away or pay double if they cannot decide what to do in two days. If you do not think you can waste such a sum, we would advise against paying the ransom, because doing so could be equal to throwing your money away if the hackers do not send your unique decryption key. Instead of risking your savings you could restore data from backup copies, but first, it would be wise to get rid of this malware.

How to delete Satan’s Doom Ransomware?

If you feel you can manage manual deletion, you should first unlock the screen. Luckily, it appears to be the screen can be unblocked if the user types a particular password (63uh2372gASd@316) our researchers found while testing the infection. A bit below this paragraph you will see full removal steps explaining both how to eliminate the threat’s message and erase data belonging to Satan’s Doom Ransomware manually. On the other hand, users who do not mind installing a legitimate antimalware tool could download such a tool instead, set it to scan the system, and then remove all identified threats, including this file-encrypting program, with a single mouse click.

Get rid of Satan’s Doom Ransomware

1. Type this password 63uh2372gASd@316 into the correct box located on the malware’s message to unlock the screen.
2. Tap Ctrl+Alt+Delete.
3. Launch Task Manager and go to Processes.
4. Search for a process related to the malware.
5. Mark the suspicious process and click End Task.
6. Press Win+E.
7. Check the following paths:
   %USERPROFILE%Desktop
   %USERPROFILE%Downloads
   %TEMP%
8. Locate the file responsible for infecting the system.
9. Right-click the malicious file and press Delete.
10. Go to %TEMP%
11. Find and remove malicious executable files belonging to the infection; they may have random names.
12. Eliminate documents called READ_IT.txt.
13. Exit the File Explorer.
14. Empty your Recycle bin.
15. Reboot the device. Download Removal Tool100% FREE spyware scan and
    tested removal of Satan’s Doom Ransomware*