SysWoW64 Infection

[FlyDwen]

Hello,
Seeing my reset's logs contain some "Warning: Overlap: Directory \??\C:\Windows\SysWOW64\sv-SE\ is owned twice or has its security set twice", I have search how to correct it (I know my computer was infected after I downloaded "Cheat Engine". So I have reset my computer and, after checking the logs and seeing the message, I have restart my computer in "Command Prompt" mode.
I have did the analysis and get the FRST.txt.

Thanks for your help.
P.S. Sorry for my bad English. I am French.

 

[FlyDwen]

Here is the FRST.txt

 

[FlyDwen]

Here are Addition.txt and FRST.txt generated on normal boot.

 

[FlyDwen]

And my ''setupper.log" file contains the next informations (with errors) (attachment)
After resetting my computer, I just had a "Windows.Old" file in C: while I didn't choose to keep my personal files. So I just started my computer in "Command Prompt" mode to delete it (it contains some dll files in three folders).

 

[TwinHeadedEagle]

Hello. Your computer isn't infected. Syswow64 isn't an virus, don't let some malware removal guides fool you.

 

[FlyDwen]

But, after the installation of CheatEngine, I have rebot my computer and, on restart, I have saw in Process Hacker two programs which were instances of "Syswow64". I didn't see them before.

 

[TwinHeadedEagle]

Where did you get that CheatEngine from? Are you sure it is not malicious?

 

[FlyDwen]

I got that CheatEngine on official website, and saw after it is detected like trojan on virustotal by more than 10 antivirus.
It was Wednesday, more than one week ago.
On restart, like I have said, I have saw some SysWoW64's processus on Process Hacker.
And actually, I can see two processus : "Memory Compression" and "Registry" which have no description and no file location (error when I click on Open File Location).

 

[TwinHeadedEagle]

Can you get FRST reports one more time?

 

[FlyDwen]

On normal boot ?

 

[TwinHeadedEagle]

Yes.