I've spent countless hours on this issue and believe the answer to the O.P.'s question is NOT to waste time running a bunch of virus searches.
It looks very much like there are http requests embedded in ads served in frames labelled AdChoices that are asking the sync-eu.exe.bid site for (something -- maybe an image or maybe one of the many java scripts that are downloaded by these ad servers). The http request often includes parameters like /falktech1 or other words that I don't recall.
I've been able to replicate the problem repeatedly and see the http requests in the chrome console.
One very common offender is this page: http://www.inquisitr.com/3945227/vikings-season-4-finale-what-does-the-word-written-on-heahmunds-sword-mean/
Further, when you use chrome's Inspect tool to look at the source script for these frames, you see a truly amazing amount of code that includes a maze of scripts which call other scripts, etc., and they all generate an enormous number of requests to various ad servers. The offending call might not even be present in the script you see at first review -- it could exist in another script that was called by another script, etc.
My theory: the ad server behind all this is seeding the sync-eu.exe.bid in nested scripts in different frames at different times. So, you might inspect the script on a frame and not see the sync-eu request, but then when you reload it the request appears. At one time the sync-eu request appeared in a console in association with one of the iframe labels within the script. That's what convinced me that this all originates with the ad server.
The alert also appears when viewing the "weirdo list" pages like "check out these 25 embarrassing moments" or "you won't believe what these child stars are doing now" like poplyft or viralmoon or detonate or whatever. I've been able to replicate the problem on a few of those. When you do these tests: BE SURE TO CLOSE OTHER OFFENDING PAGES. For example, if you generate the alerts on the inquisitr page, be sure to close the page before looking at another page in a different tab.
I'm not sure if this is an effort by the ad servers to track user activity or something more sinister (I suspect it is) and I further don't know why Google, with all its sophistication, doesn't block it when the User config includes "don't track me." But I could be wrong about that.
I further don't understand why the so-called expert on this site mindlessly told the inquiring user to spend a lot of time downloading and running various utilities without even understanding the problem or its source. And when another user added info to the thread, the so-called expert chases him off with an order to "start your own topic." Then when the would-be helper said "hey just trying to help" the so-called expert repeated his order to go away and also told HIM to spend a lot of time downloading and running various utilities. Are you freaking kidding me!?!?!?!???????
Finally: I have to admit I could be all wrong about this. I don't have the expertise to collect every java script that is downloaded over a period of time, so that I could inspect it to eventually find the http requests for sync-eu.exe.bid. But even if I'm wrong, I hope the so-called expert doesn't give me condescending orders to go away and/or spend a lot of time running virus tools because, without any investigation, he has decided that this is "probably some adware or a tracking cookie" and because that guess came to his mind, the rest of us should start downloading an array of unfamiliar tools and wasting an enormous amount of time running them without getting any result or answer for the problem.
I have spent hours on end over several days chasing this problem, and it started with a lot of worthless virus scanning because of this kind of mindless advice. I wouldn't troll the guy for possibly being wrong, but when he got crappy towards somebody that was trying to help, he earned it, imho.