The usual old methods were not used. No shady processes in windows task manager or in chrome task manager. I have not installed new software long time ago. No PPI installed whatsoever. No plugins for chrome installed other than the official gmail and alerts. No shady/hidden folders in user/appdata. Nothing new there either Nothing new or "backdated" in the control panel "install/uninstall new software" Checked all the browser shortcuts for properties or flags - nothing No shady bat/dll files Ran every option in CCleaner to clean everything - nothing bad found except the usual windows cache/temp crap. No shady startup records AND still my browser shows some spam adverts instead of the normal adverts here on bhw. I have had removed PPI/adware spyware many times. But this is something new and/or very nasty.. Restarted my chrome and everything is back to normal. When I first saw the shady ads I inspected the html code and couldn't find specific div ids or classes. It was looking very natural but I knew bhw is only advertising links and seo stuff etc. not "you are 100 000th visitor! You win Ipad" etc. The advertisement url was adnxs.com . Looks like some kind of adware crap. No idea how I got this crap but every time I restart my laptop its back again. Advice for you: Its not only exe dll bat that can infect your pc. RAR archives can be injected with malicious code. Double clicking the rar (not even extracting) is enough for the code to be executed. Be careful and have your private data on some external hdd, when you are reinstalling your windows, always wipe your whole drive(s).