Unsure if we have a virus or not, shutdown failures etc

So yesterday something popped up on my fiance's computer which said that universal driver updater was unable to run. Then Avira popped up and said it had moved it to quarantine. He ran a whole scan, the program was not in the program list, nothing else seemed out of place.

Until we tried to shut down. It looked like it was shutting down and then went to the welcome screen where you log in. It did this 4 times, we tried shutting down from the welcome screen, after logging in...and then finally we had to disconnect the power.

He said to me he clicked a Facebook quiz link for fun and a new tab opened and then closed so I think he might have been hit by a driveby.....but I don't know what it was or how to find out and fix it. Any help is appreciated.

Is this the workings of a virus? How do we troubleshoot it and also how do we uninstall that driver thing (we deleted its folder in program files but it pops up saying it's trying to install)? His specs are the same as my profile except he uses windows 10 and has a different screen :).

We're up to TDSSKiller. Universal Driver Updater is back (including error popups because it's unable to excecute its file, createprocess failed with error code 2 because we deleted the file). I am attaching the Avira notice cause it may help, also attaching the scan...what should we do? The last two are legit things installed but not sure on the first one.

On fiance's computer, just easier this way....

Code:

# AdwCleaner v6.020 - Logfile created 29/09/2016 at 11:16:13# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-28.1 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : Michael - DESKTOP-BH8K9VQ
# Running from : D:\Library on D\Downloads on D\adwcleaner_6.020 (1).exe
# Mode: Clean
# Support : https://toolslib.net/forum






***** [ Services ] *****


[-] Service deleted: AppVerifier




***** [ Folders ] *****


[-] Folder deleted: C:\Users\Mikey\AppData\Roaming\Advancedpccare.com
[-] Folder deleted: C:\Users\Mikey\AppData\Roaming\EasyFileOpener
[-] Folder deleted: C:\Program Files\Advanced PC Care
[-] Folder deleted: C:\ProgramData\Advancedpccare.com
[-] Folder deleted: C:\ProgramData\AppVerifier
[#] Folder deleted on reboot: C:\ProgramData\Appverifier 
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Advancedpccare.com
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AppVerifier
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Appverifier 
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PC Care




***** [ Files ] *****


[-] File deleted: C:\appverifier.txt




***** [ DLL ] *****






***** [ WMI ] *****






***** [ Shortcuts ] *****






***** [ Scheduled Tasks ] *****






***** [ Registry ] *****


[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\AppVerifier
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\AppVerifier
[-] Key deleted: HKU\S-1-5-21-1397434896-1249509146-2682902517-1001\Software\Advancedpccare.com
[-] Key deleted: HKU\S-1-5-21-1397434896-1249509146-2682902517-1001\Software\ICSW1.17
[-] Key deleted: HKU\S-1-5-21-1397434896-1249509146-2682902517-1001\Software\ICSW1.19
[-] Key deleted: HKU\S-1-5-21-1397434896-1249509146-2682902517-1001\Software\csastats
[#] Key deleted on reboot: HKCU\Software\Advancedpccare.com
[#] Key deleted on reboot: HKCU\Software\ICSW1.17
[#] Key deleted on reboot: HKCU\Software\ICSW1.19
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\Advancedpccare.com
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.17
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.19
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: [x64] HKLM\SOFTWARE\Advancedpccare.com
[-] Key deleted: [x64] HKLM\SOFTWARE\AppVerifierService
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com




***** [ Web browsers ] *****


[-] [C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.oursurfing.com/?type=hp&ts=1435465737&z=facc5ed2533890d3d835c61gbz0c2w4z6qbw6m5c7m&from=dig2&uid=ST9500325AS_6VEJ7EY5XXXX6VEJ7EY5




*************************


:: "Tracing" keys deleted
:: Winsock settings cleared


*************************


C:\AdwCleaner\AdwCleaner[C0].txt - [3222 Bytes] - [29/09/2016 11:16:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [3165 Bytes] - [29/09/2016 11:14:55]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3368 Bytes] ##########

I think it's clear it picked something up, just wanted to keep you posted. I guess that appverifier has been taken care of.

Okay all of those are done now and it's shutting down right and we haven't had a universal driver popup again yet!

I think you fixed it!!

It seems you had quite a load of PUPs there.

Yeah the only thing recently installed was the Hi-REZ thing, which was required to play their game Paladins, which was installed from Steam. We're not sure if it was a drive by (because of the tab popping up then vanishing) or if it was somehow attached to something or what.

What do you mean Reset? We did complete the list .