Remove Borontok Ransomware (+File Recovery)

Remove Borontok Ransomware (+File Recovery)Remove Borontok Ransomware (+File Recovery)Remove Borontok Ransomware (+File Recovery)


This page aims to help you remove Borontok Ransomware for free. Our instructions also cover how any Borontok file can be recovered.

If you can no longer access any or most of the files that are stored in the hard-disk of your computer, know that you likely have fallen victim to Borontok or another nasty Ransomware cryptovirus. Since those malware threats are really widespread right now, we assume that you have at least heard about them and that you know that they could be extremely problematic. In many cases, once a Ransomware gets hold of a user’s files, that user never gets to regain their access to the encrypted data. Here, we will offer you our help against the insidious Borontok and will try to assist you with its removal and with the potential restoration of your data. We should, however, inform you that no guarantees can be given as far as the future of your files is concerned. Still, losing hope doing nothing is certainly not going to bring any of your data back which is why we advise you to at least give a try to the instructions that you will see further down this write-up.

Some words about Borontok Ransomware

The whole goal of cryptoviruses like this one is to blackmail you into paying a ransom by holding your files “hostage” until you complete the demanded payment. To some of you, paying the ransom may seem like a reasonable way out of this predicament – sure, it will cost you some money but you will at least get to access your files again. This, however, is not necessarily always the case. You can’t really know if the hackers are actually going to give you the decryption key that you need to remove the encryption from your files. They may simply lie to you and disappear with the money. Because of this, we strongly recommend that you first try an alternative method of dealing with this problem and only if nothing else works, maybe consider the payment if you still thing it is a viable course of action.

The importance of ridding your computer of the Ransomware

The guide you can see on this page is first and foremost supposed to help you locate and eliminate Borontok from your computer. This is a really important step and trying to restore any of your data via methods other than paying the ransom may turn out to be futile because each file you manage to recover may get re-encrypted by the still active cryptovirus. This is why you must always ensure that your PC has been cleaned before attempting to bring back any of your files. This especially applies to those of you who have backup copies of their data on external devices. Never connect an external device such as a flash memory stick, an external HDD or even your phone if you think there’s still Ransomware in the computer or else you’d be risking getting your backups encrypted as well! In this regard, if you wish to protect your files in the future from Ransomware attacks, the single most effective precaution measure is to backup everything on a safe location that is normally not connected to your PC.


Name Borontok
Type Ransomware
Danger Level High (Ransomware is by far the worst threat you can encounter)
Symptoms Before the files get encrypted, the only potential symptoms you may noticed are unusually high use of RAM, CPU and HDD space.
Distribution Method Pirated software and spam messages as well as malvertising click-bait ads are the most commonly used methods for spreading Ransomware.
Data Recovery Tool [banner_table_recovery]
Detection Tool

Remove Borontok Ransomware

Remove Borontok Ransomware (+File Recovery)

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Remove Borontok Ransomware (+File Recovery)


Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

Remove Borontok Ransomware (+File Recovery)

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Remove Borontok Ransomware (+File Recovery)
Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result
Remove Borontok Ransomware (+File Recovery)ClamAV
Remove Borontok Ransomware (+File Recovery)AVG AV
Remove Borontok Ransomware (+File Recovery)Maldet

After you open their folder, end the processes that are infected, then delete their folders. 

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.

Remove Borontok Ransomware (+File Recovery)

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

Remove Borontok Ransomware (+File Recovery)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Type msconfig in the search field and hit enter. A window will pop-up:

Remove Borontok Ransomware (+File Recovery)

Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

  • Please note that ransomware may even include a fake Manufacturer name to its process. Make sure you check out every process here is legitimate.

Remove Borontok Ransomware (+File Recovery)

Type Regedit in the windows search field and press EnterOnce inside, press CTRL and F together and type the virus’s Name. 

Search for the ransomware  in your registries and delete the entries. Be extremely careful –  you can damage your system if you delete entries not related to the ransomware.

Type each of the following in the Windows Search Field:

  1. %AppData%
  2. %LocalAppData%
  3. %ProgramData%
  4. %WinDir%
  5. %Temp%

Delete everything in Temp. The rest just check out for anything recently added. Remember to leave us a comment if you run into any trouble!

Remove Borontok Ransomware (+File Recovery) 

How to Decrypt Borontok files

We have a comprehensive (and daily updated) guide on how to decrypt your files. Check it out here.

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


About the author


Brandon Skies

Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

Leave a Comment