Name: WORM/VBNA.B.370
Discovered on: 28/06/2010
Type: Worm
In the wild: Yes
Reported infections: Medium
Distribution potential: Low
Damage potential: Low
Static file: Yes
File size: 69,632 bytes
MD5 checksum: fc5845e43fd492b43fdd39e53f615823
VDF version: 7.10.03.191
IVDF version: 7.10.08.209 - Monday, 28 June 2010
General

Aliases:
• Kaspersky: Worm.Win32.VBNA.b
• TrendMicro: WORM_VBNA.ABZ
• Microsoft: Trojan:Win32/VB.AAG
• AVG: VB.ADYE
• Panda: W32/Autorun.JXY
• VirusBuster: Worm.VBNA.TCJ
• Eset: Win32/TrojanClicker.VB.NPD
• AhnLab: Win32/Vbna.worm.69632.ARD
• DrWeb: Trojan.MulDrop1.39253
• Fortinet: W32/VBNA.B!worm
• Ikarus: Worm.Win32.VBNA

Operating systems:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows 7

Effects:
• Lowers security settings
• Modifies the registry

Registry

The following registry keys are changed:

– [HKLM\SOFTWARE\Microsoft\Security Center]
  Old value:
  • "UACDisableNotify"=dword:00000000
  New value:
  • "UACDisableNotify"=dword:00000001

– [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
  Old value:
  • "EnableLUA"=dword:00000001
  New value:
  • "EnableLUA"=dword:00000000

– [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  Old value:
  • "DisableSR"=dword:00000000
  New value:
  • "DisableSR"=dword:00000001

– [HKLM\SYSTEM\ControlSet001\Services\sr]
  New value:
  • "Start"=dword:00000004

– [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
  New value:
  • "ShowSuperHidden"=dword:00000000
  • "SuperHidden"=dword:00000001
  • "Hidden"=dword:00000002
  • "HideFileExt"=dword:00000003

– [HKCU\Software\Microsoft\Internet Explorer\Main]
  New value:
  • "Start Page"="http://www.nuevaq.fm"
  • "Local Page"="http://www.nuevaq.fm"
  • "Search Page"="http://www.nuevaq.fm"
  • "Default_Search_URL"="http://www.nuevaq.fm"
  • "Default_Page_URL"="http://www.nuevaq.fm"

– [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\<executable>]
  For each executable listed below, the key of that name under Image File Execution Options receives the new value:
  • "Debugger"="%WINDIR% \twunk_16.exe"
  (A "Debugger" value under an Image File Execution Options key makes Windows start the named program, here twunk_16.exe, in place of that executable, so the browsers, installers and security tools listed no longer run normally.)
  Executables:
  • Netscape.exe
  • Safari.exe
  • opera.exe
  • chrome.exe
  • helper.exe
  • updater.exe
  • crashreporter.exe
  • firefox.exe
  • Filemon.exe
  • Procmon.exe
  • procexp.exe
  • portmon.exe
  • prckiller.exe
  • gpedit.exe
  • boot.exe
  • zlh.exe
  • Regmon.exe
  • fslaunch.exe
  • cclaw.exe
  • ndntspst.exe
  • nd98spst.exe
  • kis8.0.0.506latam.exe
  • kav8.0.0.357es.exe
  • WS2Fix.exe
  • UCCLSID.exe
  • VACFix.exe
  • unzip.exe
  • swsc.exe
  • swxcacls.exe
  • Diskmon.exe
  • SrchSTS.exe
  • SmitfraudFix.exe
  • IEDFix.exe
  • HostsChk.exe
  • GenericRenosFix.exe
  • exit.exe
  • dumphive.exe
  • Restart.exe
  • Process.exe
  • ntdetect.exe
  • HJTInstall.exe
  • ChromeSetup.exe
  • Opera_964_int_Setup.exe
  • GoogleToolbarInstaller_download_signed.exe
  • fa-setup.exe
  • zonealarm.exe
  • zonalm2601.exe
  • zonalarm.exe
  • zauinst.exe
  • zatutorzauinst.exe
  • zatutor.exe
  • zapsetup3001.exe
  • zapro.exe
  • xscan.exe
  • xpf202en.exe
  • wyvernworksfirewall.exe
  • wsbgate.exe
  • wrctrl.exe
  • wradmin.exe
  • wnt.exe
  • wmiav.exe
  • wmias.exe
  • winsfcm.exe
  • winservices.exe
  • winroute.exe
  • winrecon.exe
  • winppr32.exe
  • winmgm32.exe (recorded value: "%WINDIR% \twunk_16.exe\"")
  • wink.exe
  • winhlpp32.exe
  • wingate.exe
  • wimmun32.exe
  • whoswatchingme.exe
  • wgfe95.exe
  • wfindv32.exe
  • webtrap.exe
  • webscanx.exe
  • webscan.exe
  • watchdog.exe
  • w9x.exe
  • w32dsm89.exe
  • vvstat.exe
  • vswinperse.exe
  • vswinntse.exe
  • vswin9xe.exe
  • vsstat.exe
  • vsscan40.exe
  • vsmon.exe
  • vsmain.exe
  • vsisetup.exe
  • vshwin32.exe
  • vsecomr.exe
  • vsched.exe
  • vscenu6.02d30.exe
  • vscan40.exe
  • vscan.exe
  • vptray.exe

File details

Programming language: The malware program was written in Visual Basic.
Description created by Alexandru Dinu on Thursday, 12 August 2010
Description modified by Alexandru Dinu on Monday, 23 August 2010