Is regedit still infected?

Discussion in 'Malware Help (A Specialist Will Reply)' started by barefoot, Jan 5, 2011.

  1. barefoot

    barefoot Private E-2

    I was having a redirection problem with both Firefox and IE. They were sending me to German versions of Google and sometimes trying to send me to websites that AVG would pop-up a warning against going there. I ran Antispyware, Malwarebytes, and AVG but nothing seemed to help. So I came to MajorGeeks and went through the removal process. The redirection has now stopped but I am a little concerned with one line I saw in the Combofix.txt file that said regedit.exe is infected! I could not tell if regedit had been fixed or not. So, now I am afraid to use it. Can you help me understand what the situation is now? Thanks.
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please attach the log from ComboFix as well as SAS.
     
  3. barefoot

    barefoot Private E-2

    This afternoon I ran ComboFix again. The log is attached. The previous log for ComboFix which is contained in the MGlogs.zip that was attached to my first post shows the files that were removed on the first run. Tonight when I got home I ran SAS again and it found Rogue.Pallidium. This was the first time SAS had detected this. The log is attached. I also ran MBAM again and that log is attached. What should I do next? Thanks for your help.
     

    Attached Files:

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let's try this:

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::
    
    FCopy::
    C:\WINDOWS\ServicePackFiles\i386\regedit.exe | C:\WINDOWS\regedit.exe
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\ComboFix.txt
    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  5. barefoot

    barefoot Private E-2

    I followed your instructions but things did not go as well as expected. I dragged the CFscript.txt file and dropped it onto ComboFix, and ComboFix asked to be updated. After it updated it seemed to run as usual. After it went through the 50 steps it said that Windows was restarting. At that point all the icons on the desktop disappeared, leaving only the tray at the bottom of the screen with the START button. The machine stayed in this situation for about 30 minutes while I waited patiently. I finally decided that the system was not going to do anything more, so I tried to restart and then shut down through the START button, but I got no response. So, as a last resort I shut down the power. I waited a while and then restarted the machine. It was a very slow restart, but eventually ComboFix popped up saying that a log file was being created. That log and the MGlogs.zip are attached.

    When the computer was rebooting a message came up saying the system date and time were incorrect. The year was set to 1980. I reset it to the correct date and time.

    The redirection of Firefox and IE stopped yesterday after the first run of ComboFix, and everything seems to be working OK at the moment. I started this thread over a concern about regedit.exe. Do you think that is fixed now? Thank you for all your help!
     

    Attached Files:

  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    ComboFix found and replaced the infected file. You should be ok now. I am not seeing any other malware in your logs.

    I would suggest, however, that you create a limited user account for surfing the web.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources (except a little disk space) until you run a scan. We recommend them for doing backup scans when you suspect a malware infection.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: the space between combofix" and /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME
        for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work through the below link:

     
  7. barefoot

    barefoot Private E-2

    After my last post I ran ComboFix again. The log is attached and appears to say that regedit was again infected. Also, another log has appeared on my desktop named catchme.log. I have attached that also. I have no idea of what created it.
     

    Attached Files:

  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Combo created the catchme log. You can delete it. Again, Combo disinfected the file. What has me wondering is why it is being re-infected.

    Go to start / run / type:
    sfc /scannow and have your windows disc handy in case it needs to replace any files.

    Then re-run Combo.
     
  9. barefoot

    barefoot Private E-2

    I ran sfc /scannow this afternoon. It took maybe 30 minutes but apparently found no problems. At least no messages, errors, or requests appeared on the screen. The little bar just moved steadily across the box until it finished and then suddenly disappeared from the screen.

    When I got home from work tonight I ran ComboFix. The log is attached. It still reported regedit as "infected". What I wonder is: Infected with what? Is it possible this is a false positive for some type of malware?
     

    Attached Files:

  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re-run Combo. If it asks for a reboot, do so and then immediately run it again. Attach both logs.
     
  11. barefoot

    barefoot Private E-2

    Anytime I run Combo, ZoneAlarm pops up a box at Stage_2 saying NirCmd.cfxxe wants access to the internet. I assume this is part of Combo so I click OK. Later, after Stage_50 when it starts to shut down and reboot the computer it always hangs with a blue screen. I have to turn the power off and then on to get the thing going again. After that, during the startup I get a message saying the date and time are incorrect and asks me to press F1 to continue. When the computer is up and running again the date is always Jan 4, 1980.

    With all that said, here is what I did to create the attached logs. I ran Combo and when I got the log created I moved it from C:\ to the desktop thinking maybe the second run would overwrite the first log. I set the date and time to the correct values. Then, I ran Combo again. If I should have done something differently please tell me and I can follow your new instructions. Thanks for your help and patience.
     

    Attached Files:

  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    We have replaced it manually, as well as Combo replacing it each time it runs. Let me do some consultation with the team to see what other path we might try to fix this. Bear with me.
     
  13. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You need to disable ALL protection software, including ZoneAlarm, which may be what is stopping the fixes from working.

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::
    
    FCopy::
    C:\WINDOWS\ServicePackFiles\i386\regedit.exe | C:\WINDOWS\regedit.exe
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\ComboFix.txt
    * C:\MGlogs.zip
     
  14. barefoot

    barefoot Private E-2

    To make sure Avira or ZoneAlarm would not be a problem I just uninstalled them both. I ran ccleaner and rebooted. Then I dropped the CFscript onto Combo. The good news is that this time Combo did not hang on the computer reboot and everything seemed to go smoothly. I also ran GetLogs.bat. All the logs you requested are attached.

    The bad news is I ran Combo again and it still says regedit is infected! That log is also attached. What a mystery!
     

    Attached Files:

  15. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let's try this from a different approach.

    Now download and save this XPsp3bu.exe to your C:\ root folder. You must do this properly. Now run the XPsp3bu.exe program by double clicking on it. You may or may not notice a quick flash of a black window. This is normal. The program runs quickly and just extracts some files we need.

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::
    
    FCopy::
    C:\MGtools\temp\regedit.exemg | C:\WINDOWS\regedit.exe
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    You will have to run it once and then after a reboot, run Combo again to see if it is still reporting it as infected.
     
  16. barefoot

    barefoot Private E-2

    I followed your instructions. The two logs are attached. It still reports regedit is infected.

    There was one slight variation to your instructions. Firefox downloaded XPsp3bu.exe to the desktop. However, I moved it to C:\ before I ran it. If this made a difference just let me know and I will download directly to c:\ and do the procedure again.
     

    Attached Files:

  17. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let's try this. We will uninstall ComboFix first.
    Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
    "%userprofile%\Desktop\combofix" /uninstall
    Note: the space between combofix" and /uninstall must be there. This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

    Now please toggle system restore so we don't have Combo trying to restore from that location.

    After a reboot. Download a new copy of ComboFix to your desktop. Don't run it yet.

    Now we will try to do it with a clean copy.

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::
    
    FCopy::
    C:\MGtools\temp\regedit.exemg | C:\WINDOWS\regedit.exe
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Now on the reboot, run Combo again to see if it is still being reported as infected.
     
  18. barefoot

    barefoot Private E-2

    I followed your instructions exactly. Regedit is still infected. Logs attached.
     

    Attached Files:

  19. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do you have your windows install cd?
     
  20. barefoot

    barefoot Private E-2

    I am not the original owner of this computer and I did not get the winXP installation CD. It is an HP/Compaq and when I phoned their customer support today to try to get a disk to restore the OS I had no success. The guy I spoke with must be in India, he spoke very poor English, and the phone connection was very bad. I spent 15 minutes trying to communicate with him only to eventually find out that they would not support the computer. Their customer service really sucks! Do you have any other ideas?
     
  21. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let's do some checking of the file.

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2


    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      regedit.exe
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    Next I want you to run an online scan:
    ESET Online Scan.
     
    Last edited: Jan 10, 2011
  22. barefoot

    barefoot Private E-2

    I followed your instructions. Attached are the two log files.
     

    Attached Files:

  23. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Arrgghhh.....some days are better than others!!


    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      C:\WINDOWS\regedit.exe
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  24. barefoot

    barefoot Private E-2

    I followed the instructions from your last post. Attached is the txt file. It says cannot find c:\windows\regedit.exe, but when I look in the windows folder it shows a file named regedit.exe is present. What does this mean?
     

    Attached Files:

  25. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Interesting. Let's do it this way:


    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      regedit.exe.*
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  26. barefoot

    barefoot Private E-2

    Re: Is regedit still infected?

    OK, here is latest search result.
     

    Attached Files:

  27. barefoot

    barefoot Private E-2

    I also ran SAS earlier today. The log is attached. Maybe it will tell you something.
     

    Attached Files:

  28. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    That is showing two different hash numbers for the regedit file. Let me do some digging and get back with you. It may be that Combo is just not happy with the file versions.
     
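The check TimW is doing by eye with SystemLook's hash output, as an added example that is not part of the thread or of MajorGeeks' tools: hash the live C:\WINDOWS\regedit.exe and the pristine copies Windows XP keeps (the reference paths are assumed from the thread), and report whether the live file is byte-identical to any of them. The demo() function works on constructed files in a temporary directory so it runs anywhere.

```python
import hashlib
import os
import tempfile

# Typical Windows XP locations of regedit.exe used in the thread as
# pristine references for the live copy in C:\WINDOWS (assumed paths).
LIVE_COPY = r"C:\WINDOWS\regedit.exe"
REFERENCE_COPIES = [
    r"C:\WINDOWS\ServicePackFiles\i386\regedit.exe",
    r"C:\i386\REGEDIT.EXE",
    r"C:\WINDOWS\system32\dllcache\regedit.exe",
]


def file_digest(path, algo="md5"):
    """Hash a file in chunks; return (hexdigest, size) or None if unreadable."""
    if not os.path.isfile(path):
        return None
    h = hashlib.new(algo)
    size = 0
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
            size += len(chunk)
    return h.hexdigest(), size


def compare_copies(live, references, algo="md5"):
    """Compare the live file with every reference copy that exists.

    Verdicts:
      'missing'      the live file could not be read
      'no-reference' no reference copy exists, nothing to compare against
      'matches'      live copy is byte-identical to at least one reference
      'differs'      references exist and none equals the live copy
    A 'differs' verdict alone does not prove tampering: a hotfix can leave
    a newer regedit.exe than the service-pack cache holds, so follow up by
    checking the file version and Authenticode signature before acting.
    """
    live_d = file_digest(live, algo)
    refs = {p: file_digest(p, algo) for p in references}
    present = {p: d for p, d in refs.items() if d is not None}
    matching = sorted(p for p, d in present.items()
                      if live_d is not None and d == live_d)
    if live_d is None:
        verdict = "missing"
    elif not present:
        verdict = "no-reference"
    elif matching:
        verdict = "matches"
    else:
        verdict = "differs"
    return {"live": live_d, "references": refs,
            "matching": matching, "verdict": verdict}


def demo():
    """Run the comparison on constructed files so the example works offline."""
    # Constructed stand-ins for the executables, not real Windows binaries.
    pristine = b"MZ" + b"\x90" * 200 + b"regedit build A"
    hotfixed = b"MZ" + b"\x90" * 200 + b"regedit build B"
    results = {}
    with tempfile.TemporaryDirectory() as d:
        live = os.path.join(d, "regedit.exe")
        ref_sp = os.path.join(d, "ServicePackFiles_regedit.exe")
        ref_i386 = os.path.join(d, "i386_REGEDIT.EXE")
        for path, data in ((live, pristine), (ref_sp, pristine), (ref_i386, hotfixed)):
            with open(path, "wb") as f:
                f.write(data)
        # Live copy equals the service-pack cache: the scanner flag is a false positive.
        results["identical"] = compare_copies(live, [ref_sp, ref_i386])
        # Only a differing reference is available: needs further investigation.
        results["patched"] = compare_copies(live, [ref_i386])
        # No reference present at all.
        results["nothing"] = compare_copies(live, [os.path.join(d, "absent.exe")])
    return results


if __name__ == "__main__":
    for name, r in demo().items():
        print(name, r["verdict"], r["matching"])
```

On a real machine call compare_copies(LIVE_COPY, REFERENCE_COPIES) instead of demo(); a 'matches' verdict against a pristine copy is the same conclusion the thread reaches, that the scanner's hash database, not the file, is wrong.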
  29. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please uninstall ComboFix.

    Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
    "%userprofile%\Desktop\combofix" /uninstall
    Note: the space between combofix" and /uninstall must be there.
    This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

    Now disable system restore, reboot but don't re-enable it.

    Now run CCleaner to remove any left overs from Combo.

    Then download a fresh copy of Combofix to your desktop.

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::
    
    FCopy::
    C:\i386\REGEDIT.EXE | C:\WINDOWS\regedit.exe
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\ComboFix.txt
    * C:\MGlogs.zip
     
  30. barefoot

    barefoot Private E-2

    I followed the last instructions you gave. The log files are attached.
     

    Attached Files:

  31. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This seems to be a problem with ComboFix. The hash file numbers are correct but Combo is not recognizing them for some reason. So we can chalk this up to a false positive for Combo. Since that was the only issue we were trying to deal with, you can go ahead and do the final cleanup.

    Since you are not having any malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources (except a little disk space) until you run a scan. We recommend them for doing backup scans when you suspect a malware infection.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: the space between combofix" and /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME
        for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work through the below link:

     
  32. barefoot

    barefoot Private E-2

    I cleaned up everything according to your instructions. Thanks again for all your effort in helping me with this problem. You provide a valuable service.
     
  33. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are quite welcome. Safe surfing. :)
     
