THOR is the newest manifestation of the much feared Locky Ransomware. With the latest version of these malicious programs being released under the name of .Thor Virus, the Ransomware family has gotten even bigger and the danger it represents to all internet users is growing at an ever increasing rate. Once Thor gets inside your machine, it locks all your files via the method of encryption and requires you to pay ransom if you want to make the data accessible once more. No one is safe from Ransomware and due to its high effectiveness and extremely low risk for the cyber-criminals that are using it, it is sure to remain a major issue for quite some time.
Unlike other malicious programs, typical Ransomware would not harm neither your system, nor your files. The means it uses to lock your files is the method of encryption, which is, in fact, not an actual malicious process. Many programs that are legit use encryption on their files. Therefore, it is often impossible for anti-virus programs to tell the difference between a Ransomware encryption and one coming from a non-malicious piece of software. This devious strategy is what enables viruses like .Thor to remain under the radar of the user, right up until all the important data has been locked by the Ransomware code and the user is left with very few possible courses of action.
During the encryption process
As we said, anti-virus software might often prove to be ineffective against spotting a Ransomware threat. Therefore, you need to learn how you can manually detect the encryption process and potentially intercept it. First of all, understand that the process of encryption can take quite some time, because the virus first needs to make a copy of all targeted files. It is actually the copies that have been locked by the virus code. Once this is done, the original files get deleted and you are left with a pile of inaccessible data. If .Thor is still not done with locking your documents, you can notice its presence by paying close attention to the behavior of your machine and the system resources that are being used. If you see that unusually high amounts of RAM, CPU and hard-drive space are being used along with a general PC slowdown, it might be worth shutting your PC down and bringing it to an IT professional. Note that if there is in fact a Ransomware infection, all devices connected to your machine might get attacked by the virus as well, so make sure there is nothing connected to your PC if you suspect that there’s something malicious going on.
After the encryption
Most users do not notice anything before it’s already too late. In fact, after .Thor is done locking your data, it will probably display a message on your screen demanding a ransom payment if you want to get the decryption key and be able to access your files once again. If that is your current case, we need to tell you that paying the ransom is usually a very bad idea. Not only is there no way to know if you’ll actually be sent the key, but you would also be encouraging the hacker to keep on terrorizing more users. Therefore, what we would advise you to do is to give our Ransomware removal guide a try. While due to the specific nature of Ransomware viruses we cannot guarantee that it will fix everything, it is still a much better alternative to the ransom payment.
As stated above, the Ransomware virus family is bound to get bigger and scarier. Thus, we must make sure that our readers are well informed on how to protect their computers from any future infections:
- Equip your PC with the latest high-quality anti-virus software and detection tools. Keep in mind that oftentimes Ransomware viruses can get inside your system with the help of some other malicious program such as a Trojan Horse.
- Make sure to back-up your data. This is a very effective way to neutralize any potential Ransomware infections.
- Avoid illegal or shady-looking sites. Download stuff only from reliable sources. Do not open any spam letters or suspicious hyperlinks – those are some of the most frequently employed methods for distributing harmful software.