To my knowledge there is no such infection. Nowadays malware has the primary goal of making money; for this it either needs to ransom the money off you, or it must run stealthily to be able to collect your data, rent out your PC to others, etc. In addition, the more 'obvious' the interference of the malware with the PC, the more easily it is detected and picked up by antivirus programs.
The fact that so many things are happening is usually more a sign of conflicting security solutions or programs. However, we will take a close look at what is on the PC, make the call then, and try to understand what is causing the symptoms as much as possible.
HKEY_USERS is a standard key in your registry; deleting it would break your machine beyond repair. This key contains at least 4 separate "users": your own account; the system account, which has higher privileges to be able to run installers and such without problems (this is a default OS account that must exist; all core processes will be run by the user system); the "network account", which is a limited account that handles incoming and outgoing calls to programs; and the 'local service', which is basically a system account with fewer permissions than the system account.
Except for your account, all these accounts are inbuilt, but you can't log in to them, and for some parts the permissions are set such that only these inbuilt accounts can access the settings; that's normal, in particular for the network account.
The -k netsvcs/-k bhtsvc is also a 'Windows feature'. Basically, what you're seeing here is a workaround to launch a DLL file as a service where usually only exe files are allowed. Therefore svchost.exe exists, which will launch the DLL, and the command line will be something like svchost.exe -k bhtsvc. The term following -k is a group of services which will be launched in a specific order to make sure that all cross-dependencies between the services are met.
Can you tell me what the NTFS Upper case files were? How did you determine that it's not the hard drive?
It is possible for malware to set itself up in the router, unfortunately. However, it will not gain admin access to your PC from there; this is not how it works. The infections that set themselves up in the router will usually redirect your traffic through routes that either give you additional popups or reroute your search results, so that they can gain more income from displaying ads.
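
The svchost.exe -k grouping described above can be inspected directly. The following is an added example, not part of the original post: a read-only PowerShell listing of the services in one group and the DLL each one loads. The variable names and the choice of columns are illustrative; the registry locations are the standard Svchost group list and each service's Parameters\ServiceDll value.

```powershell
# Added example: resolve "svchost.exe -k <group>" to its services and their DLLs.
# Read-only. Run in an elevated PowerShell on the machine being examined.
$Group = 'netsvcs'   # the term that follows -k on the svchost.exe command line

$svchostKey  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost'
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$system32    = Join-Path $env:SystemRoot 'System32'

# Each group is a multi-string value whose entries are service names.
$members = (Get-ItemProperty -Path $svchostKey -Name $Group -ErrorAction Stop).$Group

$rows = foreach ($name in $members) {
    $svcPath = Join-Path $servicesKey $name
    # A name can be listed in the group without the service being installed.
    if (-not (Test-Path $svcPath)) { continue }

    # The DLL that svchost loads for this service.
    $dll = $null
    $paramPath = Join-Path $svcPath 'Parameters'
    if (Test-Path $paramPath) {
        $dll = (Get-ItemProperty -Path $paramPath -Name ServiceDll `
                    -ErrorAction SilentlyContinue).ServiceDll
    }

    $sig = $null
    if ($dll -and (Test-Path -LiteralPath $dll)) {
        # Older PowerShell versions may report catalog-signed system files
        # as NotSigned; treat that result as "check further", not as proof.
        $sig = Get-AuthenticodeSignature -FilePath $dll
    }

    $state = (Get-Service -Name $name -ErrorAction SilentlyContinue).Status

    [pscustomobject]@{
        Service    = $name
        State      = $state
        ServiceDll = $dll
        InSystem32 = [bool]($dll -and
                       $dll.StartsWith($system32, [StringComparison]::OrdinalIgnoreCase))
        Signature  = if ($sig) { $sig.Status } else { 'n/a' }
        Signer     = if ($sig -and $sig.SignerCertificate) {
                         $sig.SignerCertificate.Subject } else { '' }
    }
}

$rows | Sort-Object InSystem32, Service | Format-Table -AutoSize -Wrap
```

Rows with a ServiceDll outside System32 or a signature status other than Valid sort to the top and are the ones worth a second look; third-party software can legitimately appear there.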