Rimuovere Omiga plus

Aqualung · Messaggio da **Aqualung** » lun ott 27, 2014 11:53 pm

Su un s.o windows 7 pro all'apertura di IE la pagina iniziale si apre sempre su Omiga plus e ogni tentativo di eliminare questa schifezza che non so sia spyare o virus o cosa accidenti sia, risulta inutile
Ho provato con Malwarebytes...niente
seguendo diverse guide in rete (ne cito un paio)
LINK
LINK
Allego anche il log di HijackThis sperando possiate aiutarmi a rimuovere definitivaente questo malware
Grazie

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:01:17, on 26/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\System32\wscript.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
E:\Prg pulizia malware\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gogle.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14400;https=127.0.0.1:14400
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll (file missing)
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files\DealPly\DealPlyIE.dll (file missing)
O2 - BHO: HelloWorldBHO - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files\Flowsurf\FlowSurf.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O4 - HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files\PokerStars.IT\PokerStarsUpdate.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Servizio DealPly Live (dealplylive) (dealplylive) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: Servizio DealPly Live (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: GuOusWk - Small Island Development - C:\ProgramData\hQUTODV\GuOusWk.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\system32\nethtsrv.exe
O23 - Service: NewPlayer - Unknown owner - C:\Program Files\ver7NewPlayer\m4fJ180.exe
O23 - Service: scores - Unknown owner - C:\Windows\score.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\system32\netupdsrv.exe
O23 - Service: Update Krab Web - Unknown owner - C:\Program Files\Krab Web\updateKrabWeb.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

Questo contenuto è nascosto, ma senza JavaScript non puoi gestirlo correttamente. Passa con il mouse sopra a questo testo per visualizzarlo!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:01:17, on 26/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\System32\wscript.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
E:\Prg pulizia malware\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gogle.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14400;https=127.0.0.1:14400
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll (file missing)
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files\DealPly\DealPlyIE.dll (file missing)
O2 - BHO: HelloWorldBHO - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files\Flowsurf\FlowSurf.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O4 - HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files\PokerStars.IT\PokerStarsUpdate.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Servizio DealPly Live (dealplylive) (dealplylive) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: Servizio DealPly Live (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: GuOusWk - Small Island Development - C:\ProgramData\hQUTODV\GuOusWk.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\system32\nethtsrv.exe
O23 - Service: NewPlayer - Unknown owner - C:\Program Files\ver7NewPlayer\m4fJ180.exe
O23 - Service: scores - Unknown owner - C:\Windows\score.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\system32\netupdsrv.exe
O23 - Service: Update Krab Web - Unknown owner - C:\Program Files\Krab Web\updateKrabWeb.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

Messaggio da **System** » lun ott 27, 2014 11:53 pm

Sem · Messaggio da **Sem** » mar ott 28, 2014 1:50 am

esegui una scansione con AdwCleaner https://toolslib.net/downloads/finish/1/ e allega il log. Successivamente se non vuoi piu incappare in queste cose io consiglierei l'uso di Unchecky http://unchecky.com/files/unchecky_setup.exe. Posta un nuovo log di hijackthis.

Fai sapere

Messaggio da **crazy.cat** » mar ott 28, 2014 3:26 am

Mi sembra strano che malwarebytes non abbia visto tutti questi problemi. Sicuro di aver fatto una scansione completa e non quella veloce?
Elimina queste voci con hijackthis, disabilita i servizi che vedi in fondo e che iniziano con 023, rimuovi dalle applicazioni installate tutte le voci che non conosci e potrebbero essere parecchie. come ha detto sem utilizza unchecky visto che avvei fatto scorta di applicazioni inutili.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... earchTerms}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14400;https=127.0.0.1:14400
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll (file missing)
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files\DealPly\DealPlyIE.dll (file missing)
O2 - BHO: HelloWorldBHO - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files\Flowsurf\FlowSurf.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O4 - HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\RunOnce: [DelTr1977203] cmd.exe /c rd /s /q "C:\Users\Admin\AppData\Roaming\WSE_Astromenda"
O23 - Service: Servizio DealPly Live (dealplylive) (dealplylive) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: Servizio DealPly Live (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: GuOusWk - Small Island Development - C:\ProgramData\hQUTODV\GuOusWk.exe
O23 - Service: NewPlayer - Unknown owner - C:\Program Files\ver7NewPlayer\m4fJ180.exe
O23 - Service: scores - Unknown owner - C:\Windows\score.exe (file missing)
O23 - Service: Update Krab Web - Unknown owner - C:\Program Files\Krab Web\updateKrabWeb.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[/spoiler]

gioia271965 · Messaggio da **gioia271965** » mar ott 28, 2014 6:57 am

Dopo tutte queste operazioni vai a controllare nei programmi installati e, quasi certamente, troverai installati software che fanno riferimento a questa spazzatura. Rimuovi tutto e, successivamente, ripulisci il pc con programmi del tipo ccleaner o wisecare 365. Al termine, vai nella cartella Program data (in "c") e controlla che non sia rimasta qualche traccia. Fai la stessa cosa nella cartelle "c" - users - tuonomeutente - appdata - roaming e fai la stessa cosa. Assicurati di svuotare la cartella temp dell'utente e quella presente in "c" - windows. Il tuo pc deve essere ripulito da cima a fondo.

Aqualung · Messaggio da **Aqualung** » mar ott 28, 2014 11:44 pm

Grazie per i suggerimenti, ma alla fine mi sono deciso a risolvere con un bel formattone di cui questa macchina aveva decisamente bisogno!
Comunque per sicurezza metto su "Unchecky" e spero che spiegando al propritario del pc che deve stare attento a cosa e come installa i software free
il pc rimanga pulito almeno per un po... ma appena formattato e installato il s.o , e aggiornato il sistema con windows update farò una immagine del disco con macrium reflect in modo che in caso di altri e probabili problemi tutto si possa risolvere con semplice ripristino dal backup di macrium

crazy.cat ha scritto:Mi sembra strano che malwarebytes non abbia visto tutti questi problemi. Sicuro di aver fatto una scansione completa e non quella veloce?

Malwarebytes con scansione completa del sistema aveva trovato quasi cento problemi di cui nove virus e altre nefandezze;
dopo la pulizia e dopo una seconda scansione completa con Avira e MBAM ambedue i prg non trovavano altro malware ma il problema Omiga plus come home page di IE rimaneva tale e quale..
Mi sembrava risolto dopo aver ripulito il collegamento ad IE sul desktop (vedi img) ma al riavvio il problema si ripresentava.
Da qui e anche in considerazione della lentezza del sistema ho alla fine optato per il "format C:/

Grazie a voi per il supporto

Messaggio da **crazy.cat** » sab nov 15, 2014 6:27 pm

Aqualung ha scritto:ma il problema Omiga plus come home page di IE rimaneva tale e quale..

Sono riuscito a trovarlo solo oggi omiga plus https://turbolab.it/496
Io ho solo modificato i link (di tutti i browser) e poi non si è mai più presentato.

Chissà quante varianti di questa schifezza ci sono in giro.

Messaggio da **System** » sab nov 15, 2014 6:27 pm

TurboLab.it

Rimuovere Omiga plus

Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Rimuovere Omiga plus

Re: Re: Rimuovere Omiga plus