Buenas de nuevo!
Parece ser que éste programa ya sí ha encontrado la amenaza y la infección del SysWOW64 en svchost.exe. Le di a eliminar infección y aquí mando los informes (uno el del análisis y el otro de la desinfección):
Program : RogueKiller Anti-Malware
Version : 15.3.0.0
x64 : Yes
Program Date : Feb 17 2022
Location : E:\DESCARGAS\RogueKiller_portable64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19043) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : EL SOTO
User is Admin : Yes
Date : 2022/02/18 15:55:05
Type : Scan
Aborted : No
Scan Mode : Standard
Duration : 949
Found items : 5
Total scanned : 92557
Signatures Version : 20220218_101851
Truesight Driver : Yes
Updates Count : 6
************************* Warnings *************************
************************* Updates *************************
CPUID CPU-Z 1.92 (64-bit), version 1.92
[+] Available Version : 1.99
[+] Size : 4,58 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\CPUID\CPU-Z\
CrystalDiskInfo 8.4.2 (64-bit), version 8.4.2
[+] Available Version : 8.15.2
[+] Size : 13,7 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\CrystalDiskInfo\
CrystalDiskMark 7.0.0h (64-bit), version 7.0.0h
[+] Available Version : 8.0.4
[+] Size : 10,3 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\CrystalDiskMark7\
Mozilla Firefox (x64 es-ES) (64-bit), version 97.0
[+] Available Version : 97.0.1
[+] Size : 210 MB
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\Mozilla Firefox
WinRAR 5.90 (64-bit) (64-bit), version 5.90.0
[+] Available Version : 6.10
[+] Wow6432 : No
[+] Portable : No
[+] update_location : C:\Program Files\WinRAR\
qBittorrent 4.4.0 (32-bit), version 4.4.0
[+] Available Version : 4.4.1
[+] Size : 163 MB
[+] Wow6432 : Yes
[+] Portable : No
************************* Processes *************************
[Proc.Svchost (Malicioso)] svchost.exe (5468) -- C:\Windows\SysWOW64\svchost.exe -> Encontrado
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
[Suspicious.Path (Potencialmente Malicioso)] C:\WINDOWS\Tasks\vxplayer.job -- C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe [-mek=1077 -mclweu=0166294] -> Encontrado
[Suspicious.Path (Potencialmente Malicioso)] \vxplayer -- C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe [-mek=1077 -mclweu=0166294] -> Encontrado
************************* Registry *************************
>>>>>> XX - System Policies
└── [PUM.Policies (Potencialmente Malicioso)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Encontrado
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts
************************* Filesystem *************************
[PUP.HackTool (Potencialmente Malicioso)] (folder) TNod User & Password Finder -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder -> Encontrado
************************* Web Browsers *************************
************************* Antirootkit *************************
Program : RogueKiller Anti-Malware
Version : 15.3.0.0
x64 : Yes
Program Date : Feb 17 2022
Location : E:\DESCARGAS\RogueKiller_portable64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19043) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : EL SOTO
User is Admin : Yes
Date : 2022/02/18 16:09:06
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 949
Found items : 5
Total scanned : 92557
Signatures Version : 20220218_101851
Truesight Driver : Yes
Updates Count : 6
************************* Warnings *************************
************************* Removal *************************
[Proc.Svchost (Malicioso)] svchost.exe -- -> Terminado [Tree]
[+] scan_what : 1
[+] vendors : Proc.Svchost
[+] Name : svchost.exe
[+] Type : Process
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 2
[+] id : 0
[+] status : 3
[+] status_str : Terminado [Tree]
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : 0
[Suspicious.Path (Potencialmente Malicioso)] C:\WINDOWS\Tasks\vxplayer.job -- C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe (-mek=1077 -mclweu=0166294) -> Borrado
[+] scan_what : 0
[+] vendors : Suspicious.Path
[+] Name : C:\WINDOWS\Tasks\vxplayer.job
[+] value : C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe (-mek=1077 -mclweu=0166294)
[+] Type : Task
[+] file_hash : 34CCD576374822C8FEACFE025A1DFA6279318D40AE50609BFC5A72ADEC2E9639
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 1
[+] status : 3
[+] status_str : Borrado
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[Suspicious.Path (Potencialmente Malicioso)] \vxplayer -- C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe (-mek=1077 -mclweu=0166294) -> Borrado
[+] scan_what : 0
[+] vendors : Suspicious.Path
[+] Name : \vxplayer
[+] value : C:\Users\EL SOTO\AppData\Local\f2a30456\vxplayer.exe (-mek=1077 -mclweu=0166294)
[+] Type : Task
[+] file_hash : 34CCD576374822C8FEACFE025A1DFA6279318D40AE50609BFC5A72ADEC2E9639
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 2
[+] status : 3
[+] status_str : Borrado
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUM.Policies (Potencialmente Malicioso)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Reemplazado (2)
[+] scan_what : 1
[+] vendors : PUM.Policies
[+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 4
[+] id : 3
[+] status : 3
[+] status_str : Reemplazado (2)
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : 0
[PUP.HackTool (Potencialmente Malicioso)] TNod User & Password Finder -- %programdata%\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder -> Borrado
[+] scan_what : 1
[+] vendors : PUP.HackTool
[+] Name : TNod User & Password Finder
[+] value : %programdata%\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
[+] Type : File/Folder
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 4
[+] status : 3
[+] status_str : Borrado
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : 0
¿Habremos conseguido eliminar la infección?