Users’ interest in Windows 11 has been great and its new features have caught everyone’s attention. This has led many to use tools to immediately activate and bring everything new.
Unfortunately, as you can see now, it doesn’t always go well for users. One of the known tools to activate Android and Google Play on Windows 11, after all, compromised the Microsoft operating system and installed malware on these devices.
The promise made by Microsoft was very important. Android would become part of Windows 11, natively, and this would open the door to running the apps of this Google system without any dependence on a smartphone or other equipment.
As it was a feature that was being tested and limited, many had to resort to tools like Windows Toobox to activate it. This powershell script promised to eliminate all unnecessary Windows 11 extras and bring you Google Play.
After all, and from what you know now, Windows Toolbox did much more than was visible. This tool has installed malware and other malicious tools on Windows 11, compromising this Microsot system in various ways and at various levels.
Everything happened invisibly and without users noticing the problem. Hosting the project on GitHub pointed this script out of this service, which should have immediately raised alarms for using Windows Toolbox.
A few days ago the problems started to be reported by users, and the presence of malware in this tool was immediately pointed out. However it has been removed from GitHub and confirmed who was installing this malicious software on Windows 11.
To detect the presence of this problem, users should look for tasks that are running on Windows 11 and that are strange. It is also necessary to delete the files C:Windowssecuritypywinvera, C:Windowssecuritypywinveraa and C:Windowssecuritywinver.png.