Powershell starts on its own mid session and uses most of memory and CPU

Question

After about an hour from opening my PC, Powershell starts on its own in the background with three tasks as shown that consume most of the memory and CPU, and I have to manually stop them every time

I don't have powershell in my startup apps, and I have checked the Task Schedular and It no tasks set to run related to powershell, I have tried disabling powershell in the LGPE but it still starts on its own.

It has become a pain to pause my work to stop these tasks, And It makes me anxious to leave my PC on idle fearing that it would start and use my resources.

Answer 1

You could be infected with malware like this user.

https://learn.microsoft.com/en-us/answers/questions/1349917/windows-powershell-suddenly-pops-and-uses-too-much

You first need to determine what scripts are being executed to see if they are legitimate or not.

Open a powershell prompt with "run as administrator" and execute this command.

Get-WmiObject Win32_Process -Filter "name = 'powershell.exe'" | select commandline

What are the script file names? Do you recognize the folder names being related to something that you intentionally installed?

In the link that I posted, there are instructions on how to use Autoruns to look for Powershell related startup entries. You can use that tool to disable/delete those entries.

If you see strange names like 747D9CF3-170B-4097-A847-D75876F01A8C.ps1 then you probably are infected. Run a Defender scan and an MRT scan (see link).

If they don't detect anything, install Malwarebytes and run a full scan.