How to remove Windows health is critical virus

To begin with, you should be aware that “Windows health is critical” has nothing to do with reality. Everything is fine with your OS, and there is no threat to your computers and your files. The “Windows health critical” virus can not in any way harm your computer unless you do it yourself. In this article we will explain to you how this virus works, how to remove it and how to protect your computer from similar attacks in the future.


Windows health is critical has no mechanisms to affect your files or the system itself. In fact, the virus is just a banner, which closes the screen to you and creates the appearance that the computer is locked. If you ever come across similar situations in the future, then remember: useful programs and services never block the computer, and if this happens, then the system is infected with the virus. How does the virus do this? Everything is extremely simple. In Windows, there is a service that allows some programs to run before others - it's the Startup folder. This folder is intended for antivirus software and other tools that need to work constantly. Scammers use this service for their own purposes, and once Windows health is critical gets into the system, it embeds itself in this folder so that, after rebooting the computer, boot before other programs, and place the banner over the desktop and toolbar. Thus, scammers filter out experienced users from beginners. If the user is experienced, then he will easily remove this banner from the desktop and continue to use the computer. If the user is not experienced enough, he will decide that the system is really in danger, and will call the specified number. If a banner or pop-up window appears on your computer, and it suggests to call the specified number to solve any problems with the software, this is a hoax. Neither Microsoft nor the well-known anti-virus vendors ever initiate communication with the user over the phone.

Now it is worth investigating, what is the benefit for scammers that the victim will call them? Here everything is simple: the phone number is not toll-free. Of course, the opposite is written on the banner, but in fact, if you call this number, you will pay for every minute of the conversation and you will be very surprised to receive an invoice from the telephone company. Naturally, there are no computer specialists at that end of the wire, and no one will help you eliminate mythical problems. But there are well-trained scammers who will try to get personal information from you, such as the program number of your copy of Windows, bank card numbers and passwords. Quite often scammers offer to fix the problem remotely, and if the user agrees - they get full control over the computer. They will try to sell you some useless programs that will "fix" the system, although with it everything is alright, and will require payment for these programs. As you can see, the only thing you need to know about these viruses is that they are not dangerous to the computer if the user knows how to deal with them.

So far, there is no exact information about how Windows health is critical penetrates the computer, but most effective methods, such as bundling and e-mail spam, are most likely used. These methods can be easily avoided if you follow the elementary rules of Internet security, and use anti-virus programs.

How to delete Windows health is critical Virus

The removal of Windows health is critical can be performed in Safe Mode. The fact is that Safe Mode is a mode in which viruses, adware and other types of unwanted programs just cannot run. Thus, by loading Windows into Safe Mode, you can easily scan your computer with antivirus, and remove Windows health is critical from the system. If you are not sure how to properly perform the removal - do not rush and use our instructions.


Special Offer

Download Spyhunter - Anti-malware scanner

We advise downloading SpyHunter to see, if it can detect malware for you.

Spyhunter has a biggest malware database

It protects the system against all kinds of threats: Trojans, adware and hijackers

24/7 Free Support Team

SpyHunter scanner detects threats and malware for free, but to remove infected elements you need to purchase a full version of program for 39.99$. More information about Spyhunter, EULA and Privacy policy.

Removal instruction




Step 1. Boot the system into safe mode

  • Press Start
  • Type Msconfig and press Enter

Safe mode. Step 1


  • Select Boot tab

Safe mode. Step 2



  • Select Safe boot and press Ok

More information about Safe mode: What is Safe Mode and how to boot computer in Safe Mode


Step 2. Show all hidden files and folders

  • Press Start
  • Click on Control Panel

Show hidden files. Step 1


  • Select Appearance and Personalization

Show hidden files. Step 2


  • Click on Folder Options
  • Select View tab
  • Select Show hidden files, folders and drives

Show hidden files. Step 3


  • Press Ok


Step 3. Remove virus files


Check next folders to find suspicious files:

  • %TEMP%
  • %ProgramData%


Step 4. Fix hosts file

  • Go to %SystemRoot%\System32\drivers\etc\ folder



  • Open hosts file using Notepad or other text editor
  • Delete suspicious elements
  • Basic hosts file looks like this:



Step 5. Clean registry (for experienced users)

  • Click Start
  • Type Regedit.exe and press Enter
  • Clean startup registry keys
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServices
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

Step 6. Scan computer with antivirus


Step 7. Disable Safe Mode and restart computer

  • Press Start
  • Type Msconfig and press Enter
  • Select Boot tab
  • Remove the check near Safe boot




Share your feedback to help other people
1 1 1 1 1 1 1 1 1 1 Rating 5.00 [1 Vote]

Add comment

Security code



Acronis suggestion to CrashPlans users

Around a month ago, there was an accident with CrashPlans backup software.

What is MicTrayDebugger and is it dangerous

This is a brief entry about MicTrayDebugger: what is it, how it appeared in the system, is it dangerous and how to get rid of it.

What is HoeflerText and is it dangerous?


This article is dedicated to the fraud scheme that is called HoeflerText font wasn't found. We will explain you what is this scheme and how to avoid it.

What is Wpad.dat virus and how it is used

The topic of our today's article is a script that had been unjustly called a virus. It’s Wpad.dat, and it is not a virus. We will explain what is Wpad.dat and how to prevent fraudsters to deceive yourself with its help.


Cancer virus trollware

This is an article about crazy Cancer virus and the madness that it brings to victim's computer.

This website uses cookies to improve your experience