Severity scale:  
  (97/100)

BlockFile12 ransomware virus. How to remove? (Uninstall guide)

removal by Gabriel E. Hall - - | Type: Ransomware
12

BlockFile12 ransomware virus takes files to hostage and demands to pay the ransom

BlockFile12 is a crypto-malware that encrypts files on the affected computers and distorts file names. After the attack, each of the targeted documents, multimedia files, and other data includes a contact information and .block_file12 file extension. Ransomware uses this scheme for renaming affected files: .===contact_mail===itankan12@gmail.com===.block_file12. Following data encryption, ransomware drops a ransom note on the desktop which is called HOW TO DECRYPT FILES.txt. The threatening letter explains that victims have to contact cyber criminals via itankan12@gmail.com email address in order to get instructions for data recovery. However, having conversations with crooks is not a good idea. They will probably use some psychological terror and blackmailing techniques to convince you to transfer particular amount of Bitcoins. The size of the ransom is unknown. It seems that cyber criminals decide the worth of the files individually. However, it doesn’t matter how much money they ask; you should not make the payment. Remove BlockFile12 from the computer and save your money. Cyber criminals may not provide you promised decryption software, but they will gladly use your money for future projects.

The image of BlockFile12 ransomware virus

Apart from corrupting files, BlockFile12 might also open the backdoor for other malware. Thus, the longer you let it stay on your computer, the bigger risk you take to encounter other ransomware or data-stealing Trojans. If you are having thoughts about paying the ransom, we want to discourage you from making the wrong decision. Transferring Bitcoins will not remove ransomware from the computer. Besides, you may not get back your files because cyber criminals do not always keep up their promise.[1] If you have data backups or at least some of your files saved in external or online storage, you have everything what you need. If not, you should try our alternative recovery options that are absolutely safe. However, you should think about data recovery after BlockFile12 removal. Thus, if you got infected, install Reimage, scroll down to the end of the article, and learn how to clean your device.

The main ways how ransomware infiltrates computers

BlockFile12 ransomware might get into the PC using several techniques. There’s no doubt that cybercriminals use social engineering techniques[2] and spread numerous malicious emails that include infected attachments or links. Such emails might look like sent from governmental institutions, banks, delivery services, etc. The letter itself might inform about serious problems or necessity to check some information, and ask to open the attachment or visit a particular website. Once you do that malicious payload is downloaded and executed on the system. Furthermore, BlockFile12 hijack might also occur when you visit crafted website, click on a malware-laden ad or download bogus software. Therefore, it’s crucial to avoid visiting high-risk Internet sites (e.g. adult-themed, gaming, gambling, etc.) and clicking online ads. We want to point out that malicious ads might also be placed on legitimate websites as well and barely differ from safe ads. Thus, before clicking that ad offering amazing shopping deal, you should think twice whether it’s actually worth taking a risk.

The step-by-step guide for BlockFile12 removal

We recommend performing automatic BlockFile12 removal using powerful security software. It’s the only safe way to get rid of all malicious files and processes. Ransomware-type viruses might inject codes into legitimate system processes; thus, terminating it manually is nearly impossible for regular computer users. In order to avoid causing damage to your PC, you should install malware removal program and run the system scan several times. We suggest assigning this task for Reimage, Malwarebytes Anti Malware or Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus. Of course, you can choose other security tools as well. However, if you cannot install the program and remove BlockFile12 automatically, you may find our instructions handy. Malware might be resistant. However, its removal is still possible!

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove BlockFile12 ransomware virus you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall BlockFile12 ransomware virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

Manual BlockFile12 virus Removal Guide:

Remove BlockFile12 using Safe Mode with Networking

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

Follow the steps below to restart the computer to the Safe Mode with Networking in order to perform the automatic BlockFile12 removal.

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove BlockFile12

    Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete BlockFile12 removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove BlockFile12 using System Restore

Reimage is a tool to detect malware.
You need to purchase Full version to remove infections.
More information about Reimage.

System Restore method also helps to disable the virus and run automatic removal.

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of BlockFile12. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that BlockFile12 removal is performed successfully.

Bonus: Recover your data

Guide which is presented above is supposed to help you remove BlockFile12 from your computer. To recover your encrypted files, we recommend using a detailed guide prepared by 2-spyware.com security experts.

If your files are encrypted by BlockFile12, you can use several methods to restore them:

Try Data Recovery Pro for restoring encrypted files

If you do not have data backups, you should try Data Recovery Pro. This program is capable of restoring damaged, corrupted, deleted and some of the encrypted files.

Take advantage of Windows Previous Versions feature

If System Restore function was activated on your PC before BlockFile12 ransomware attack, you should follow the steps below and copy previously saved versions of the encrypted files.

  • Find an encrypted file you need to restore and right-click on it;
  • Select “Properties” and go to “Previous versions” tab;
  • Here, check each of available copies of the file in “Folder versions”. You should select the version you want to recover and click “Restore”.

Use ShadowExplorer

If ransomware failed to delete Shadow Volume Copies of the targeted files, you could use this tool and recover encrypted data.

  • Download Shadow Explorer (http://shadowexplorer.com/);
  • Follow a Shadow Explorer Setup Wizard and install this application on your computer;
  • Launch the program and go through the drop down menu on the top left corner to select the disk of your encrypted data. Check what folders are there;
  • Right-click on the folder you want to restore and select “Export”. You can also select where you want it to be stored.

BlockFile12 decryptor is not available yet.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from BlockFile12 and other ransomwares, use a reputable anti-spyware, such as Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware

About the author

Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

References