The problem is that the manipulation is not simple and that it is generally necessary to go through a third-party tool. Hackers are well aware of this and that’s why, obviously, many of these tools are heavily riddled with malware. This is particularly the case with Windows Toolbox, a very popular utility for installing the Google Play Store on Windows 11. This utility is not content with just that since it purges Windows 11 of its bloatware… but this behavior does not was obviously just a facade.
Want to install the Google Play Store on Windows 11? Beware of the tools to do it…
If the tool remains functional to install the Google Play Store and remove the bloatware that you can see on your machine, it also took the opportunity to discreetly suck up your personal data, and infect your computer with corrupted Chrome extensions, dubious scripts, and others malware. The Bleeping Computer site explains that it also contains a Trojan that secretly executes PowerShell scripts, configures scheduled tasks in Windows 11 to launch other malicious actions later.
It also creates a hidden folder c:\systemfile used to exfiltrate sensitive data from Chrome, Edge and Brave. A corrupt Chrome extension is also installed and dumps user data in this secret folder such as its location. In addition to this when the user tries to visit sites like WhatsApp.com, they get redirected to various scams instead. For now, the malicious behavior of this tool does not seem to be detected by antivirus programs.
Read also – Android apps are finally coming to Windows 11
To make matters worse, since the tool does something not officially allowed by Microsoft, users may be tempted to disable their antivirus software in order to complete the Windows Toolbox installation. Getting rid of all its scripts and scheduled tasks is no small feat – a complete reinstallation of Windows 11 may be required. Other tools exist to directly install APKs in Windows 11. We nevertheless urge you to be very careful – and above all not to continue if an antivirus alert is displayed.