How To Remove AD Popup VIRUS When Windows Starts Up?

Status
Not open for further replies.

Shark Dentist

Reputable
Jul 2, 2014
424
0
4,780
(I DON'T SUPPORT PIRACY)

I'll just get straight to the point, there was a game I hadn't played in years from like when I was 9 years old and I couldn't seem to find it on any of the digital stores.. so I went to a download free site in hopes of finding it. I found it and saw a load of people wrote in the comments that it was working great and nothing wrong (over 75 people upvoted as opposed to the 0 who downvoted). ..anyway I downloaded it feeling pretty safe and now every time Windows starts a Chrome browser opens with some Russian website even after uninstalling the game. It's driving me crazy! I haven't seen any PC slow-down or problems yet apart from that ad!


Some may say it's karma for downloading a 10 year old game but honestly I just want some help from you guys on Tom's Hardware to return my PC to its former clean virus-free self.

Thanks in advance! :)

(Oh and Malwarebytes found no detections :( )
 

game junky

Distinguished
Open Programs and Features and sort by install date to see if it added an additional piece of software, then run msconfig and see what programs launch at startup. Assuming you can't identify the problem from there, open your settings tab in Google Chrome and see what pages launch when it's opened.

Some of those little guys are ugly and some require a system restore - if you can't get it cleaned after that point, run a system restore. If it's still buggy, try running an antimalware scrubber like malwarebytes or superantispyware.

If all the above fails you and it irritates you enough to want it gone, prepare to reload windows. I will pray it's not that malicious dude
 

Shark Dentist



Could you explain how I see what pages chrome launches on startup in the settings? I can't seem to find it :eek:
And if I system restore it to like 2 days ago will the virus be deleted?

 

game junky

Click the 3 line icon next to the address bar, click Settings, there is a section called "On startup" and it has a section for you to be able to specify what happens when you launch the browser. Typically, most people have it either at google.com, Gmail or a blank tab but sometimes those bugs embed their webpage in that section. Additionally, check in Extensions to see what's enabled.
 

game junky

Sorry - just saw the second question. Not always - it depends on the architecture. When you install a program and it asks you to restart your computer, what it's really doing is trying to set up a restore point so that if you discover installing that driver or application causes issues with another program, you can simply run a system restore to that restore point and it will remove any changes that were made when the application was installed. Usually, what it is actually doing is removing the changes that were made to your system registry and most bug makers try their best to make it difficult to remove their hard work. It's worth a shot but if they're smart, it won't help you at all.
 

Shark Dentist



Just checked my system restore option on my PC.. and I have no restore points, fml!
+Malwarebytes doesn't find any detections :(
 

lfkfkfkffs

Admirable
First download and install the app Web of Trust (WOT) for Chrome, it will block any websites that people have reported, 2nd disable JavaScript, and then slowly build your trusts back allowing them to run JavaScript on your page again from websites that you normally go to. Next delete all history, cookies, data etc... Then lastly run something like an adware cleaner http://www.bitdefender.com/solutions/adware-removal-tool-for-pc.html or http://www.bleepingcomputer.com/download/adwcleaner/ better yet use both. Then download TDSSKiller and run it. I would also like to add you should run an antivirus program with real time protection, this will help with things like USB drives dropping payloads, websites running malicious scripts, etc... The thing with Malwarebytes free is that it doesn't offer real time protection. I would recommend buying the pro version which I use and runs great, and if you can't afford it just do the 30 day pro free trial.
 

Shark Dentist



Cool, I'm gonna give this a shot now, thanks! :) I don't really understand this line tho "disable java script, and then slowly build your trusts back allowing them to run JavaScript on your page again from websites that you normally go to."

How do I disable JavaScript and how do I slowly build trust back, etc?

 

lfkfkfkffs

By slowly building trust I meant when you disable it, at first you will need to enable JavaScript to run again on pages that you visit. Slowly building trust is letting Chrome know you are okay with running JavaScript on that page, so slowly you will notice yourself not having to enable it as much, say in like a week, because you will have it enabled on all your favorite websites by then. You can disable it by doing this: go to Settings > Advanced settings > Privacy - Content settings > JavaScript (will be the 3rd choice) > select Disable
 

Shark Dentist



This didn't work unfortunately :( I have a really weird file on my computer called "Twunk_32" in my "C:\Windows" folder that I can't seem to delete! And the weirdest thing just happened when I tried to open the Tom's Hardware page.. something appeared on the screen telling me I was denied access from the site due to suspicious activity on my PC. I had to do a captcha. :\ I'm sh*tting myself here wondering what damage this virus is doing to my new PC. Should I just wipe the drive? Is there an easy way to wipe the drive without having to re-install Windows, etc..?

 

lfkfkfkffs

I would just check your system startup folder first, just to see if anything got added. I'm pretty sure you don't have a virus, but if you had issues related to twunk look at http://blog.vilmatech.com/twunk_32-exe-virus-fix-twunk_32-exe-error-issues/ I just didn't feel like typing out all the instructions so I found you a link. Like most Windows system files pretty much any of them have the ability to become a virus from a malware author. I would say apply the fix from the link if needed, then just ignore it because I do malware analysis for a living and I can safely tell you you are most likely not infected, I think you might have forgotten to leave a check box blank, so it probably just added some adware that might be annoying but should be fixable. If you want some more reassurance just go look at the last date modified, and see if it has the Microsoft signature, if you see two and they both say like 09, you are good trust me.
 
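The post above suggests judging the file by its modified date and its Microsoft signature rather than by its icon. The script below is an added example and not code from the thread: it pulls exactly those facts (signature status, signer, last write time and a SHA-256 you can look up) for the two paths the poster named. It assumes Windows PowerShell 5.1 or newer and only reads the files, it does not change or delete anything.

```powershell
# Added example (not from the thread): report the trust signals the post asks
# for on a suspicious file under C:\Windows. Read-only; assumes PowerShell 5.1+.

function Get-FileTrustReport {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false }
    }

    $item = Get-Item -LiteralPath $Path
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash

    # A 'Valid' signature whose subject is Microsoft is the evidence the post
    # describes; anything else (NotSigned, HashMismatch, other signer) deserves a closer look.
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
    $isMicrosoft = ($sig.Status -eq 'Valid') -and ($signer -match 'O=Microsoft Corporation')

    [pscustomobject]@{
        Path            = $item.FullName
        Exists          = $true
        SizeBytes       = $item.Length
        LastWriteTime   = $item.LastWriteTime   # the "date modified" the post mentions
        SigStatus       = $sig.Status           # Valid / NotSigned / HashMismatch / ...
        Signer          = $signer
        MicrosoftSigned = $isMicrosoft
        Sha256          = $hash                 # paste into VirusTotal if still unsure
    }
}

# The two paths named in the thread.
'C:\Windows\twunk_32.exe', 'C:\Windows\twunk_16.exe' |
    ForEach-Object { Get-FileTrustReport -Path $_ } |
    Format-List
```

One caveat when reading the output: many files that ship with Windows are signed through a security catalog rather than with an embedded signature, and on older Windows versions Get-AuthenticodeSignature may report such a file as NotSigned even though it is genuine. A NotSigned result on a file with a 2009 timestamp and a Microsoft-looking hash is therefore not proof of tampering by itself; a hash lookup or `sfc /verifyonly` is the tie-breaker.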

Shark Dentist




Oh, so Twunk isn't a new file? :\ I was under the impression that it was a new file because the icon looks pretty dodgy.
I just checked the date modified and it says 2009.. I've only had this PC for a few months D:
Another odd thing about Twunk_32 and Twunk_16 is that I can't delete it no matter what, it says I don't have permission and the only option is to keep retrying even tho I'm deleting it as an admin. (I even tried Malwarebytes FileASSASSIN to unlock and delete it and it wasn't able to :eek: ) I really hope you're right about it not being a virus because no antivirus has been able to find any malware whatsoever, Norton 360, Avira, Malwarebytes (free version), etc..

And if it isn't a virus how do I get rid of this horrible Russian website that launches Google Chrome every time Windows launches?... Luckily that's the only thing I've seen altering my PC. I haven't played any games yet but the speed seems about the same as always on Chrome, desktop, idle.

*fingers crossed*
 

lfkfkfkffs

That website doesn't appear to come up in any of my tools as malicious, even running it through a vm doing some light analysis it doesn't really do anything malicious. The virustotal scan also came back clean https://www.virustotal.com/en/url/25b3c2754965906a2b26a0e1bb114aa7561978c21a63a0f1a8350897ea9ee612/analysis/

The web of trust stuff came back as being yellow which means some people have reported it for pop-ups etc...
https://www.mywot.com/en/scorecard/farbeck.net?utm_source=addon&utm_content=contextmenu

The website itself doesn't drop a payload, it most likely just makes money each time you go to it, pay per click.

as for the http://katproxy.com/volgarr-the-viking-v2-0-0-1-2013-pc-eng-t7869593.html#main

This torrent is like a lot of other torrents, some of its contents have been tampered with, and do carry malware.

Virus total didn't find anything about the link

https://www.virustotal.com/en/url/f0fceae8e3423ce2f75877187478b1f8e3c316fb8829dba4fa7ef418c85d41b7/analysis/

But WOT users have reported it for a few malware related things, it just really depends on what you downloaded.
https://www.mywot.com/en/scorecard/katproxy.com?utm_source=addon&utm_content=contextmenu

What I would do is check your homepage, and your system startup folder. There is also a guide which shows you how to see if there is a webpage that is set in google chrome to come up as soon as you start it. http://www.ampercent.com/browser-opening-unknown-page-at-startup/9627/

It is possible that the game that you downloaded came from a time when the servers got compromised in 2012, Katproxy is just a child of the kickasstorrents website. You can read the full review here from someone who analyzed the site and the payload it dropped from files
http://2.bp.blogspot.com/-Gf0zaSDi14c/TppVJO0xMHI/AAAAAAAAChY/FMfz_dKHlNA/s1600/malvertising%2Bon%2Bkickasstorrents%2Bspreading%2Bsecurity%2Bsphere%2B2012%2Bfake%2Bantivirus%2Bvia%2Bhacked%2Bopenx%2B2.png

Another thing you could try is roguekiller, and fully scan your system.

The only other thought I could have without putting too much time into it is to download something like Process Monitor and do a little bit of your own analysis http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx if you see something odd just look it up or ask me again here, if you do find something suspicious coming up again and again even after you kill it, just pause it then try to figure out which one of the other processes is its buddy. Viruses all use the buddy system, one goes down, the other brings it back up. You can also try cleaning/clearing everything up with CCleaner.
 

aks_1337

Reputable
Aug 4, 2014
222
1
4,860
Firstly:

Start > Run > type: msconfig
Go to the "Startup" tab and disable all programs that are displayed here (with the exception of anti-virus) & reboot PC


Secondly:
Download a program called rkill from the link below:
http://www.bleepingcomputer.com/download/rkill/

Run the program as Admin, it will temporarily kill any malicious processes running on your machine & reset a few broken things.. *DO NOT reboot PC yet*


Thirdly:
Download AdwCleaner from the following link below:
http://www.bleepingcomputer.com/download/adwcleaner/

Run a scan as Admin, scan and remove everything it finds & now reboot your PC


Fourthly (continue if problem hasn't been solved):
Download HitmanPro for your PC using link below:
http://www.surfright.nl/en/hitmanpro/

Excellent second opinion cloud scanner, run as trial and do a scan, remove anything it finds and reboot PC


Fifthly (continue if problem hasn't been solved):
Reset your HOSTS file, might be redirections in there.
 
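Several replies in this thread send the poster to the same places by hand: the msconfig Startup list, the Startup folder, Chrome's "On startup" pages and the HOSTS file. The script below is an added example written for this thread, not code from any of the posters, and gathers all of those in one read-only pass so a logon-time browser launch can be traced to whatever starts it. It assumes Windows PowerShell 5.1 or newer, the default Chrome profile location under %LOCALAPPDATA%, and that Chrome keeps its startup pages under the `session.startup_urls` key of its Preferences JSON (an assumption about Chrome's file format, verify on your version).

```powershell
# Added example (not from the thread): inventory the usual Windows autostart
# locations plus Chrome's startup pages and the HOSTS file. Read-only.

function Get-RunKeyEntries {
    # Classic Run/RunOnce keys for the machine and the current user (32-bit view included).
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($k in $keys) {
        if (-not (Test-Path -Path $k)) { continue }
        $props = Get-ItemProperty -Path $k
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # skip the provider's own metadata properties
            [pscustomobject]@{ Source = $k; Name = $p.Name; Command = [string]$p.Value }
        }
    }
}

function Get-StartupFolderEntries {
    # Per-user and all-users Startup folders; -Force shows hidden items too.
    $folders = @(
        [Environment]::GetFolderPath('Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    )
    foreach ($f in $folders) {
        if (Test-Path -LiteralPath $f) {
            Get-ChildItem -LiteralPath $f -Force |
                Select-Object DirectoryName, Name, LastWriteTime
        }
    }
}

function Get-ChromeStartupUrls {
    # Assumed layout of Chrome's Preferences file: session.startup_urls holds the
    # "Open a specific page or set of pages" list, homepage holds the home page.
    param([string]$Preferences = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Preferences")
    if (-not (Test-Path -LiteralPath $Preferences)) { return @() }
    $json = Get-Content -LiteralPath $Preferences -Raw | ConvertFrom-Json
    $urls = @()
    if ($json.session -and $json.session.startup_urls) { $urls += $json.session.startup_urls }
    if ($json.homepage) { $urls += "homepage: $($json.homepage)" }
    return $urls
}

function Get-NonDefaultHostsLines {
    # Anything that is not a comment, blank, or the stock localhost entries.
    $hosts = "$env:SystemRoot\System32\drivers\etc\hosts"
    Get-Content -LiteralPath $hosts |
        Where-Object { $_ -notmatch '^\s*(#|$)' -and $_ -notmatch '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$' }
}

function Find-BrowserLaunchers {
    # The pattern the poster describes: an autostart command that runs a browser with a URL.
    Get-RunKeyEntries | Where-Object {
        $_.Command -match 'chrome\.exe|iexplore\.exe|firefox\.exe' -and $_.Command -match 'https?://'
    }
}

'== Run / RunOnce keys ==';                 Get-RunKeyEntries | Format-Table -AutoSize
'== Startup folders ==';                    Get-StartupFolderEntries | Format-Table -AutoSize
'== Chrome startup URLs ==';                Get-ChromeStartupUrls
'== Non-default HOSTS lines ==';            Get-NonDefaultHostsLines
'== Autostart entries that open a browser at a URL =='; Find-BrowserLaunchers | Format-List
```

Run it from a normal PowerShell prompt; none of the locations need elevation to read. Anything listed under the last heading, or a Run entry whose command points into a user-writable folder such as %APPDATA% or %TEMP%, is the first thing to look at. Scheduled tasks are another common launcher that msconfig does not show, so if this inventory comes back clean, `Get-ScheduledTask` (Windows 8 and later) or `schtasks /query /v` is the next place to check. On the HOSTS question raised later in the thread: the stock file contains only comments and, at most, the localhost lines, so resetting it loses nothing unless you added entries yourself.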

Shark Dentist




I did everything up to resetting my HOSTS (haven't done that yet).. HitmanPro found a few things that I thought were the problem.. cookies called "MLN advertising" etc.. Turned my PC back on after the reboot and the problem is still there :(

How do I reset my HOSTS file and will I lose anything important?
 

lfkfkfkffs

If you don't have anything important I would just repave and format and install the OS again. They most likely changed some registry values, so no matter how many times you delete/change stuff the registry will bring it back up. You could change the registry where it got messed up, but that can be hard without knowing what messed it up in the first place. So just wipe once, unless you ate Taco Bell, and install the OS again.
 

Shark Dentist



I had just formatted my drive about 2 months ago because of new hardware and lost everything :(
My PC is full of stuff I need for editing/Photoshop.. like plugins, images, etc.. and my second drive isn't really big enough unfortunately :(
Luckily I just got a copy of Windows 8.1 off a friend so would you recommend I use that instead of my current Windows 7 Ultimate? :eek:

Oh and is this virus likely causing damage to my hardware or is it just ads? Because I was thinking about maybe finishing all my editing Sony Vegas projects before I format the drive so that I can clear up some space?
 

lfkfkfkffs

I think one thing that you could try is just uninstalling Chrome, and then try switching to Firefox. The ad thing might only target Chrome. Again I don't really think we are dealing with a virus, just something simple like a check box when you installed the torrent or game that installed some extra junk, and edited your registry making it hard to pinpoint both the file, and the registry for it. As for the Windows 7 Ultimate if you have the key you can use that key to install it again. Windows 8.1 unless it is Pro or higher will be limited to 16 gigs of RAM depending on which one you have. If you have the bandwidth you could probably upload your files to a cloud overnight while you are asleep, then reformat in the morning if nothing else is working. I use http://www.adrive.com/personal_premium You get 50 gigs for free, or for like $2.50 a month you get 10 TB of space. I would just upload there, then transfer back and remove the stuff from your account.
 