www.MegaLab.it

da **marco ballotta** » lun nov 19, 2007 1:33 pm

Mi si apre IE da solo e va in continuazione su siti random.
L'antivirus Mc Afee non è più attivo, spybot non si riesce a caricare.

Vi posto lo scan fatto con Kaspersky e hijiack:

KASPERSKY ONLINE SCANNER REPORT
Sunday, November 18, 2007 6:52:47 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/11/2007
Kaspersky Anti-Virus database records: 461273
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 80709
Number of viruses found: 5
Number of infected objects: 18
Number of suspicious objects: 0
Duration of the scan process: 03:01:03

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Dati applicazioni\m\data.oct Infected: Trojan-Downloader.Win32.Bagle.fu skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Dati applicazioni\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\DVD Software\produkey.zip/ProduKey.exe Infected: not-a-virus:PSWTool.Win32.Dialupass.o skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\DVD Software\produkey.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\ntuser.dat Object is locked skipped
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Programmi\eMule\emule.exe -AutoStart Infected: Trojan-Downloader.Win32.Bagle.fm skipped
C:\Programmi\eMule\Incoming\FireWire IIDC Camera Driver 1.0.1.zip/FireWire IIDC Camera Driver 1.0.1.exe Infected: Trojan-Downloader.Win32.Bagle.fm skipped
C:\Programmi\eMule\Incoming\FireWire IIDC Camera Driver 1.0.1.zip ZIP: infected - 1 skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/J8Jq4K1.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/x7N8Mdi.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/iLlNgCV.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/gTEH230.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/GW7m8r1.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/X0EpsH4.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/d0CmX21.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/Xx7CJJO.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/E0qkfMq.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe/V76cm54.exe Infected: Email-Worm.Win32.Drefir.e skipped
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe RAR: infected - 10 skipped
C:\WINXP\Debug\PASSWD.LOG Object is locked skipped
C:\WINXP\SchedLgU.Txt Object is locked skipped
C:\WINXP\Sti_Trace.log Object is locked skipped
C:\WINXP\system32\config\AppEvent.Evt Object is locked skipped
C:\WINXP\system32\config\default Object is locked skipped
C:\WINXP\system32\config\default.LOG Object is locked skipped
C:\WINXP\system32\config\SAM Object is locked skipped
C:\WINXP\system32\config\SAM.LOG Object is locked skipped
C:\WINXP\system32\config\SecEvent.Evt Object is locked skipped
C:\WINXP\system32\config\SECURITY Object is locked skipped
C:\WINXP\system32\config\SECURITY.LOG Object is locked skipped
C:\WINXP\system32\config\software Object is locked skipped
C:\WINXP\system32\config\software.LOG Object is locked skipped
C:\WINXP\system32\config\SysEvent.Evt Object is locked skipped
C:\WINXP\system32\config\system Object is locked skipped
C:\WINXP\system32\config\system.LOG Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINXP\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINXP\system32\yyddzx.exe Infected: Email-Worm.Win32.Agent.bg skipped
C:\WINXP\wiadebug.log Object is locked skipped
C:\WINXP\wiaservc.log Object is locked skipped

Scan process completed.

hijiack:

Logfile of HijackThis v1.99.1
Scan saved at 0.55.14, on 19/11/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINXP\Explorer.EXE
C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmi\eMule\emule.exe
C:\WINXP\system32\spoolsv.exe
C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programmi\CachemanXP\CachemanXP.exe
C:\Programmi\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINXP\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINXP\system32\NOTEPAD.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Capitani Lorenzo.COMPUTER-LORENZ\Desktop\PC Help\Hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmi\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmi\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programmi\File comuni\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINXP\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [gyxlxgud] C:\tqfgsrv^.bat
O4 - HKLM\..\Run: [outiwbyj] C:\mqwvfjkw.bat
O4 - HKLM\..\Run: [uscdrvwt] C:\vnixdyvl.bat
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programmi\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmi\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?0659c13f8825449cad5afc92737a2bbd
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?0659c13f8825449cad5afc92737a2bbd
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINXP\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SPYBOT~1\SDHelper.dll
O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/Im ... oolbar.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\Programmi\CachemanXP\CachemanXP.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\System32\nvsvc32.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Programmi\Sunbelt Software\CounterSpy\SBCSSvc.exe

Io ho provato a seguire la vs guida per eliminareil bagle con avenger ma forse non o capito bene come farlo:
ho fatto dei copia+incolla di tutti gli oggetti che risultavano infettati dallo scan di Kasperski.
Gli oggetti con "object is locked" non li ho considerati...
Dovevo scrivere poi anche prima "files to delete"??

aiuto!!!!

[boh]

ciao

da **ste_95** » lun nov 19, 2007 1:56 pm

Segui questa guida e poi posta il log finale del programma:

scarica elibagla
aprilo
assicurati che la casella eliminar ficheros automaticamente sia spuntata
quindi avvia la scansione
al termine in C.\Infosat.txt troverai il log, copia e incollalo qui

da **crazy.cat** » lun nov 19, 2007 2:10 pm

Questo e' lo script per avenger

Files to delete:
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\hldrrr.exe
C:\WINDOWS\system32\trusted.exe
C:\WINDOWS\system32\drivers\pci32.sys
C:\Programmi\eMule\emule.exe
C:\Programmi\eMule\Incoming\FireWire IIDC Camera Driver 1.0.1.zip
C:\Programmi\eMule\Incoming\Magix-VideoDeluxe-2007_2008_7.0.0.25-Plus-De-(Patch)-install.exe
C:\WINXP\system32\yyddzx.exe

folders to delete:
C:\WINDOWS\exefnd
C:\WINDOWS\exefld

registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\srosa
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
HKLM\SYSTEM\CurrentControlSet\Services\pci32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCI32

da **marco ballotta** » lun nov 19, 2007 9:10 pm

ecco il log dopo aver fatto girare elibagla:

Mon Nov 19 20:28:09 2007
EliBagle v10.72 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINXP\SYSTEM32\BAN_LIST.TXT -->

Eliminado Bagle
C:\WINXP\SYSTEM32\DRIVERS\HIDR.EXE -->

Bagle Renombrado a .VIR
C:\WINXP\SYSTEM32\DRIVERS\SROSA.SYS -->

Eliminado Bagle (rootkit)
Por favor, envienos una muestra del fichero
C:\Muestras\FLEC006.EXE.Muestra EliBagle v10.72
a "virus@satinfo.es". Gracias.
C:\DOCUMENTS AND SETTINGS\CAPITANI LORENZO.COMPUTER-LORENZ\DATI APPLICAZIONI\M\FLEC006.EXE -->

Eliminado Bagle
C:\DOCUMENTS AND SETTINGS\CAPITANI LORENZO.COMPUTER-LORENZ\DATI APPLICAZIONI\M\LIST.OCT -->

Eliminado Bagle
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"

Mon Nov 19 20:28:48 2007
EliBagle v10.72 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Programmi\eMule\Incoming\KASPERSKY ANTI-VIRUS FOR MICROSOFT ISA SERVER 2004 ENTERPRISE EDITION 5.1.654.ZIP -->

Eliminado Bagle
C:\Programmi\eMule\Incoming\KASPERSKY ANTI-VIRUS PERSONAL PRO 6.0.2.621.ZIP -->

Eliminado Bagle

Nº Total de Directorios: 6780
Nº Total de Ficheros: 80201
Nº de Ficheros Analizados: 9003
Nº de Ficheros Infectados: 3
Nº de Ficheros Limpiados: 2

Mon Nov 19 20:36:11 2007
EliBagle v10.72 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6781
Nº Total de Ficheros: 80216
Nº de Ficheros Analizados: 9002
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0

Mon Nov 19 20:50:53 2007
EliBagle v10.72 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad E:\

Nº Total de Directorios: 15
Nº Total de Ficheros: 170
Nº de Ficheros Analizados: 13
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

cosa ne dite?

da **ste_95** » lun nov 19, 2007 10:30 pm

tutto a posto ora...confermi?

Fai attenzione quando scarichi qualcosa da eMule, spesso contengono virus...

da **marco ballotta** » mar nov 20, 2007 7:35 pm

Mi pare che il sistema sia tornato (quasi) normale, nel senso che IE non si apre più all'impazzata su siti random e riesco anche a partire in modalità provvisoria (prima non riuscivo più).

E' rimasta solo una cosa, che non so se correlata con il virus o meno, anche perché mi capitava anche prima quando (forse) non avevo ancora il virus: quando il sistema è sotto pressione (sta girando Spybot, oppure sto giocando a qualche gioco) ed è affaticato (si può dire?) il pc si blocca, cioè non si spegne o riavvia ma non risponde più ad alcun comando, il disco fisso nonsi sente più e devo riavviare il pc a mano.

Qualcuno mi ha detto che ho troppe cose inutili e dovrei cancellarne un po'.

Cosa ne dite?

grazie comunque per i consigli [fischio]

da **ste_95** » mar nov 20, 2007 7:47 pm

queste cose inutili in cosa consisterebbero?

da **marco ballotta** » mer nov 21, 2007 6:09 pm

Ma troppi antyspy, antivirus e simili.....

Comunque ieri sera ho tentato di dare una passata con Spybot e dopo ca. 20/25 minuti è uscita una pagina blu con
KERNEL_ STACK_PAGE_ERROR

Ho riavviato manualmente ed è ripartito

Avete qualche suggerimento (driver da aggiornare o simili....bo?)

ciao

da **ste_95** » mer nov 21, 2007 6:44 pm

prova a guardare questa pagina M$:

http://support.microsoft.com/?kbid=228753

www.MegaLab.it

antivirus disattivato e apertura di IE su siti random

antivirus disattivato e apertura di IE su siti random

elibagla

bagle

cose inutili

Chi c’è in linea