Does anyone know what the app is trying to do? Lately I have noticed my CPU temperature and power consumption spiking every few minutes. I left Task Manager open and saw that a PowerShell process ran and disappeared instantly every time the spike occurred.
I used Process Monitor and managed to trace it back to the Blitz app. For example, there were multiple attempts to run the following commands:
powershell.exe (24672) Windows PowerShell C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe <graph> Microsoft Corporation MyPC\User powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
and
findstr.exe (26212) Find String (QGREP) Utility C:\Windows\System32\findstr.exe <graph> Microsoft Corporation MyPC\User findstr /C:"Detected boot environment" "C:\WINDOWS\Panther\setupact.log"
I have currently quit Blitz and disabled it on startup, but isn't this kinda sketchy? Feels similar to rumored crypto mining. The spikes stopped happening after I disabled the app.
A quick Google found a malware report a few days ago which, after a few reads, seems to be exactly what I found with Process Monitor.