DownLoadNSave still there

Hello,

I have followed the directions in the READ/RUN ME thread and still have an issue.

About 1-2 weeks ago I started seeing random words transformed into hyperlinks to little ad boxes appearing on many websites or some times just a line saying "ads by downloadnsave". I don't really do any risky stuff online so I'm not sure where this came from. There were also lots of stationary ad boxes from downloadnsave appearing on certain pages like youtube but those seem to be gone now.

here are the logs

 

Is this what you mean?

 

Forgive me but I can't seem to figure out how to locate the file specified. There is no AppData folder in user CouldBAny1??? I must be looking in the wrong place. Also the hyperlinks are showing up in IE as well (I never use it so I hadn't noticed). Is this a problem associated only with certain browsers?

As far as porn goes do you mean any/all porn sites? because (full disclosure) I have had a recurring membership to Videobox for over a year now and never had any problems with it. It's a business/pay site which I assume would be safe and clean. I don't really mess with anything else as far as that goes because I don't need to, and I know it's all poisonous.

Two things I just recall that may have been mistakes on my part. About 9 months to a year ago I used a couple of youtube2MP3 converter websites that did look kind of sketchy with obnoxious ad banners and links every where but I got nervous about that and stopped using them. Never noticed any problems after that though.

Also after watching the movie Dread I Did a google Image search for 1 of the actresses and did follow some of the links to the images but it was just the type of stuff you would find on IMDB not nude/porn type sites. And that was about 1-2 months ago and the hyperlink ads only showed up last week. Don't these type of problems show up as soon as you get infected??

 

Update-progress!

I Did not have a pop up blocker on firefox so I added one, and then I checked the add-ons (should have done this at the start I know) and found DownloadNSave. So I deleted it and found the same add-on in IE but the options were disabled, so I located the file on the main drive and deleted that.

Afterwards I was able to find and edit the file you said and things seem to good now, although downloadnsave is still listed in the IE add-ons tab under 'not available'. I can't seem to do any thing to it but IE seems clean now as well. Is this a remnant or whats left of the file?

Anyways thank you very much for your help!