Powershell Windows Toolbox, a tool that helps install Google Play on Windows 11, contains malicious code
This tool, called "Powershell Windows Toolbox", was posted to GitHub, and the user LinuxUserGD noticed that it contains hidden, obfuscated lines of code with malicious parts. Other users then continued to report problems related to the tool. Powershell Windows Toolbox has now been removed from GitHub.
Here's what the tool claims it can do:
First, the tool uses Cloudflare workers to load a script. In the "How to use" section of the tool, the developer instructs the user to run the following command in the CLI:
The script is obfuscated as it is loaded. After reversing the obfuscation, experts discovered that these lines of code download malicious scripts from Cloudflare workers and files from the GitHub repo of user alexrybak0444. This repo has also been reported and removed.
The scripts then create an extension for Chromium-based browsers. This is believed to be the main malicious component of this malware distribution campaign. It appears that certain links or URLs are used to generate revenue through affiliates and referrals by promoting certain software or scams through Facebook and WhatsApp messages.
If you installed Powershell Windows Toolbox, you need to remove the following components from your computer. Here is what the malware adds during the infection:
- Microsoft\Windows\AppID\VerifiedCert
- Microsoft\Windows\Application Experience\Maintenance
- Microsoft\Windows\Services\CertPathCheck
- Microsoft\Windows\Services\CertPathw
- Microsoft\Windows\Servicing\ComponentCleanup
- Microsoft\Windows\Servicing\ServiceCleanup
- Microsoft\Windows\Shell\ObjectTask
- Microsoft\Windows\Clip\ServiceCleanup
You also need to delete the hidden folder "C:\systemfile" that the malicious code creates during the intrusion. If you do a system restore, make sure you use a restore point that was not created by Powershell Windows Toolbox, because that one will not remove the malware.
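A read-only check for the components and folder named above, as an added example that is not part of the original article. It assumes the listed names are Task Scheduler paths under `\Microsoft\Windows\` and that the hidden folder is `C:\systemfile`; it only reports what it finds and deletes nothing.

```powershell
# Added example: reports findings only, removes nothing.
# Assumption: the names listed in the article are Task Scheduler task paths.
$taskPaths = @(
    '\Microsoft\Windows\AppID\VerifiedCert',
    '\Microsoft\Windows\Application Experience\Maintenance',
    '\Microsoft\Windows\Services\CertPathCheck',
    '\Microsoft\Windows\Services\CertPathw',
    '\Microsoft\Windows\Servicing\ComponentCleanup',
    '\Microsoft\Windows\Servicing\ServiceCleanup',
    '\Microsoft\Windows\Shell\ObjectTask',
    '\Microsoft\Windows\Clip\ServiceCleanup'
)
$folder = 'C:\systemfile'   # hidden folder named in the article

$taskFindings = foreach ($full in $taskPaths) {
    # Split '\A\B\Name' into the task folder (trailing '\' kept) and the task name.
    $cut  = $full.LastIndexOf('\')
    $path = $full.Substring(0, $cut + 1)
    $name = $full.Substring($cut + 1)
    $task = Get-ScheduledTask -TaskPath $path -TaskName $name -ErrorAction SilentlyContinue
    foreach ($t in @($task)) {
        if (-not $t) { continue }
        # Record what each action would launch, so it can be reviewed before removal.
        foreach ($action in $t.Actions) {
            [pscustomobject]@{
                Type   = 'ScheduledTask'
                Item   = $full
                State  = $t.State
                Detail = ('{0} {1}' -f $action.Execute, $action.Arguments).Trim()
            }
        }
    }
}

# -Force is required because the folder is hidden.
$dir = Get-Item -LiteralPath $folder -Force -ErrorAction SilentlyContinue
$dirFinding = if ($dir) {
    $files = @(Get-ChildItem -LiteralPath $folder -Force -Recurse -File -ErrorAction SilentlyContinue)
    [pscustomobject]@{
        Type = 'Folder'; Item = $folder; State = $dir.Attributes; Detail = "$($files.Count) file(s)"
    }
}

$all = @(@($taskFindings) + @($dirFinding) | Where-Object { $_ })
if ($all.Count) { $all | Format-Table -AutoSize -Wrap }
else { 'None of the listed components were found.' }
```

Run it from an elevated PowerShell session so that tasks registered for other accounts are visible.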
However, before installing the Google Play Store, TipsMake.com notes that, according to Microsoft, running Android apps on Windows 11 requires a computer with a relatively high configuration.