Hello i have some serious virus. It happened to me before 3 years ago. I replaced all devices and got a new router at the same time and all new accounts. This fixed it. However, it returned. I thought i was hacked on my pc. At first i saw someone was remote on my pc. Windows 10 home. I tried blocking this by turning off remote desktop services and winrm. Also did this with script in powershell. Eventually my pc broke and i couldnt start my laptop ever again. Now i borrowed a laptop. After 2 days i noticed i have a shortcut virus. At first i saw a weird device turning up. Steelseries PS/2 keyboard Forwarding device. All info unknown. I removed this and my external usb bluetooth mouse and touchpad still worked. However it pops up again after i log on or after some time again. Now i found out i have a shortcut virus. All kinds of shortcuts are created and windows dissapear and a lot of stuff is happening. I had the same on my broken laptop as i had the same issues. I have 2 admin accounts and when i log on to one account the other is also opened when i look in taakmanager. I used antivirus software and defender. Nothing was ever detected. I think my usb mouse contains badusb mallware with this shortcut virus. It spreads fast. When i open a shortcut the window it opens often changes with respect to letter calibration clearness ans size, it flashes moves in the sceen and sometimes gets screenlocked, stops working or dissapears while remaining opened in taskmanager. Its already everywhere after using this borrowed laptop for 3 days. My explorer folder and pc structure has changed in one windows account. The desktop is the highest lvl structure with my pc ans user account and settings etc below it. I cannot see the pathway for these. I can rightclick the icons and they refer to the pathway they are orriginally. I also see my laptop in connected devices with option to search inside and open stuff like settings and see the devices. There are many processes happening and it eats the processor alive. All kinds of developer options get added to my programa even i have not installed this. Also the borrowed laptop had windows 10 pro. When i received it i did fresh install. After it finished the pc had windows 10 home. I couldnt get it back even when signing in to the microsoft account linked to the windows pro 10 activation key. I cannot return to the former windows. Fresh install option doesnt provide the means to completely do so. And it doesnt work. I have a feeling other devices in my network have also been infected. I hope my router software can not be infected? It has original software from my provider and i have reset to factory few times and changed password. Malware bytes on my phone doesnt find anything.
back to the windows 10: i looked up the registry for local machine microsoft windows current and run, the only one starting without a defined folder pathway is tiltwheelmouse.exe from pximouse. When i clicked on open file in pathfolder i came to system32. After this the window dissapeared and when i tried opening the folder again from taskmanager and rightclick on the startup item pxi mouse, there was no such option. It also changed so that no info was available and all my startup programs now showed as start from registry. I did never change anything in the registry. I only looked at it. I cannot disable the pxi mouse anymore. I wanted to disable it as i did before and all my mouses the usb and the mousepad still worked. I also saw that the pxi mouse/tiltwheelmouse.exe was linked to this weird device with no info: Steelseries ps/2 keyboard Forwarding device which i kept disabling and removing. Apparently this device is activated when i plug in the usb mouse. Disabling the device doesnt stop any mouse from working. So i think the usb mouse has somehow been infected with a virus or badusb malware and i plugged it into the borrowed device which then got infected as well. I cannot format the usb mouse so... i will just throw it away. Nevertheless, the laptop is infected already. So i googled.
I tried what was suggested on several websites with cdm.exe as admin but i didnt get rights to perform the actions suggested online. Likr disablr autorun.ink etc on windows C drive. The mouse was not connected. No other devices are only use a lancable from my router if i need internet. I tried fresh install but it didnt happen with no error messages. My firewall from norton which came with this laptops software is messed up and i have no controll to change it. A lot of things have changed in 2 days so i cannot change all options. My mouse from the laptops mousepad is moving across the screen and all sorts of stuff happen. I dont have much controll. Im sure it is shortcut virus, probably together with other malware and spyware. No clue how i got the shortcut virus on my mouse usb in the first place because i never used it on other pcs before and i never use other usbs.
All i know is that I have to act quickly. That is why im asking advice here before turning on the laptop again. I dont have much time before this laptop will be potatoes as well and i need a very effective method before I do anything myself. After fixing this virus and laptop i probably need more help by finding out what happened and if other devices connected to my network are in danger. Please help me. Ask me any missing info as it is very confusing to explain all stuff happening. I could use any help. Thanks in advance!