Windows Toolbox malware

Windows 11 has the ability to run Android apps on a desktop PC, but only apps from the Amazon App Store, not Google Play.

Windows Toolbox claimed to let you remove pre-installed apps, tweak your system’s performance and get Windows updates. And, it allows you access to Android apps through the Google Play Store.

According to Bleeping Computer, when users dug around inside the code, they discovered it did all those things, but it also includes rudimentary Trojan malware.

The Windows Toolbox isn’t a typical program you install onto your computer through traditional methods. Instead, it's a script that tells your operating system what to do.

You can’t simply uninstall it like you normally would uninstall other software. So, if you have, or had, the Windows Toolbox on your Windows PC, there are a few things you must do to delete it.

• On your desktop, double-click This PC
• Double-click on Local Disk (C:)
• Navigate to the folder C:\Windows\security\

If you see any of the following files or folders, click once to select, then press Shift-Del at the same time and click Yes to permanently delete the item without sending it to the recycle bin.

The items to look for are:

• C:\Windows\security\pywinvera
• C:\Windows\security\pywinveraa
• C:\Windows\security\winver.png

There's also a hidden c:\systemfile you must delete. If you don’t see it, click View at the top of the screen and check the box to show Hidden items and look for c:\systemfile again...