Threat Descriptions

Tibick.F

Classification

Category :

Malware

Type :

Worm

Platform :

W32

Aliases :

Tibick.F

Summary

Tibick.F is a peer-to-peer (P2P) network application worm with IRC-command like backdoor/bot capabilities.

Removal

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

The Tibick.F worm spreads via peer-to-peer (P2P) network applications.

Upon execution, it drops a file named "svcnet.exe" into the Windows system folder.

The dropped file is set to run during Windows startup with the following registry key:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Shell API32 "svcnet.exe"

Tibick.F adds itself to the list of Windows Firewall trusted applications.

It checks for Internet connectivity by creating a connection to

http://tbc3.hanged.tk

Tibick.F also acts as a backdoor or as a bot, and listens for IRC-commands from a remote attacker.

It spreads itself via the following P2P applications:

  • EMULE
  • IMESH
  • KAZAA
  • MORPHEUS
  • WAREZ

To spread itself, users of the P2P network must download the worm's file. An appealing file name encourages downloads.

The names used are:

  • 321 Studios GamesXCopy 1.0.8
  • 3D Slot Car Racing Game 1.0
  • 3D Studio Max 6
  • ABBY FineReader Pro 7.0
  • acdsee 7.0.61
  • ACDSee PowerPack 7.0.43
  • ACDSee v7.0 Powerpack 7.0
  • Acrobat Reader
  • Acrobat Reader
  • Ad-aware
  • Ad-aware Pro
  • Ad-aware Professional
  • Adult Tetris 2
  • After Effects PRO v6.5
  • Age of Empires II The Age of Kings
  • Age Of Mythology
  • Age Of Mythology - The Titans
  • Agnitum Outpost Firewall 2.5.369
  • Ahead Nero Burning 6.6.0.3 Ultra Edition
  • AlbumWrap
  • AlbumWrap Extractor v1.0
  • Alcohol 120% v1.9.2 build 1705
  • Alias Acclaim
  • All Products
  • All-in-One Secretmaker
  • Anti-Trojan 4.0
  • AnyDVD 3.9.2.1
  • AnyDVD 4.0.4.1
  • AOL Instant Messenger (AIM)
  • AquaZone Desktop Garden 1.0.1.1 full
  • Ares Galaxy
  • Ares Lite
  • Ashampoo WinOptimizer Platinum Suite 2 2.01
  • Avant Browser
  • Babylon Pro 5x
  • Backyard Baseball 2003
  • Backyard Wrestling 2 - There Goes the Neighborhood
  • Battlefield 1942
  • Battlefield Vietnam
  • Battlefield Vietnam Multiplayer Online
  • Besieger DreamCatcher Interactive
  • BitComet
  • BitSpirit 1.2.0 RC3
  • Blindwrite Suite 4.5.3
  • Blinx 2 - Masters of Time & Space \x6
  • Blitzkrieg - Burning Horizon
  • C&C Generals
  • Call Of Duty
  • CCALG - Credit Card Generator
  • CD to MP3 Freeware 1.5
  • Chicken Invaders 2 2.60
  • City of Heroes NCsoft
  • Civilization III
  • Classic NES Series - The Legend of Zelda
  • Clone DVD 2
  • CloneCD 5.x
  • CloneCD All Version
  • CloneDVD v1.x
  • CloneDVD v3.x Retail
  • CloneDVD2 v2.x
  • ColdFusion MX
  • Command & Conquer - Generals
  • Command & Conquer - Generals Zero Hour
  • Command and Conquer - Generals Zero Hour
  • Contribute v2.0
  • Cool Edit 2000 1.1
  • CopyToDVD 3.0.3
  • Corel Draw Graphics Suite 12.0
  • Counter-Strike Condition Zero
  • Crusader Kings Paradox Entertainment
  • Cubase Audio XT 3.X
  • CWShredder 2.12
  • CyberLink PowerDVD v6.0 Deluxe7
  • Dark Age Of Camelot - Trials Of Atlantis
  • Dark Matter - The Baryon Proj
  • dBpowerAmp Music Converter
  • DC++ 0.668
  • Deus Ex Invisible War
  • DFX Audio Enhancement 2.0.1
  • Diablo 2
  • Dialupass 2.43
  • Director 8
  • DivX Player
  • DivX Player (with DivX Codec)
  • dMSN mercury messenger 1.7.0.6
  • Doom 3
  • Doom 3
  • Doom 3 SDK
  • Dope Wars
  • Download Accelerator Plus
  • Download Accelerator Plus 7.3
  • Download Accelerator Plus V7.1
  • Download Accelerator Plus v7.2 Premium
  • Dr Divx
  • Dr.Divx 1.0.6 Build 105
  • Dragon Ball Z - Budokai 3
  • Dragon Ball Z - Supersonic Warriors
  • Dragon Warrior VIII
  • Dreamweaver 4.0 Patch
  • Dreamweaver MX 2004 7.0
  • Dreamweaver MX v6.0
  • Dreamweaver UltraDev 4.0 Patch
  • DRIV3R
  • Drug Wars - Underworld 1.3
  • Dungeon Lords DreamCatcher Interactive
  • Dungeon Siege
  • DVD Decrypter 3.5.1.0
  • DVD Region-Free 5.5
  • DVD Shrink 3.2.0.15
  • DVDXCopy Platinum 4.0.3.8
  • Easy CD-DA Extractor 7.1.3.1
  • Easy CD-DA Extractor 7.13.2
  • eIMAGE Recovery 3.0
  • eMule
  • eMule 0.44b
  • Enter the Matrix
  • ESPN NFL 2K5 Sega
  • Exe Icon Changer 3.753
  • F.E.A.R.
  • Fable \x6
  • Far Cry
  • Fifa 2005
  • Final Fantasy VII - Advent Children
  • Final Fantasy XI - USA
  • Final Fantasy XII
  • Fire Emblem - Seima no Kouseki
  • Fireworks 4.0 Patch
  • Flash 5
  • Flash All Versions
  • Flash MX v6.0
  • Flash SWF-Unprotect v2.0
  • FlashFXP 2 RC2
  • FlashFXP All Version
  • FlashFXP v1.4.1
  • FlashFXP v1.4.3
  • FlashFXP v2.0
  • FlashFXP v2.1
  • FlashFXP v2.2
  • FlashGet Forgotten Realms - Demon Stone
  • Flight Simulator 2004 - A Century Of Flight
  • Free Internet TV 3.2
  • Freedom Force
  • FreeHand v10 Loader
  • Front Mission 4
  • FrontPage XP 2002
  • FTP Server Serv-U 5.1 Coporate Edition
  • Full Spectrum Warrior
  • Geist GetRight 5.2
  • Goblin Commander - Unleash the Horde
  • Golive v6.0
  • Gran Turismo 4 SCEA
  • Grand Theft Auto - San Andreas
  • Grand Theft Auto 3
  • Grand Theft Auto III
  • Grand Theft Auto San Andreas
  • Grand Theft Auto Vice City
  • Grokster
  • GTA GX Transcoder 2.10.2350
  • Gunbound Trainer
  • Half-Life 2
  • Half-Life 2
  • Half-Life 2
  • Halo - Combat Evolved - \x6
  • Halo 2
  • Harry Potter and the Prisoner of Azkaban Adventure
  • Harry Potter and The Sorcerers Stone
  • Harry Potter and the Sorcerers Stone
  • HeadStrong WebClicker 2.56
  • Heroes of Might and Magic IV
  • Hidden and Dangerous 2
  • HijackThis
  • Icewind Dale 2
  • ICQ 4
  • ICQ Pro 2003b
  • Illustrator v10.0 Time Limit
  • ImageReady v1.0
  • ImageSlurp 2.43
  • iMesh
  • Internet Download Manager 4.03
  • Internet Download Manager v4.02
  • IsoBuster Professional v1.7.0.0
  • Jedi Academy
  • JetAudio Basic
  • Joint Operations - Typhoon Rising NovaLogic
  • Juiced Acclaim
  • Kaspersky (License
  • Kaspersky Anti-Hacker v1.7
  • Kazaa Download Accelerator Pro
  • Kazaa Download Manager 3.0
  • KaZaA Lite Plus 1.0
  • Kingdom Hearts II
  • K-Lite Codec Pack v2.31 Full
  • K-Lite Mega Codec Pack 1.13
  • Knights Apprentice Memoricks Adventures Games
  • LimeWire
  • LimeWire (International)
  • LimeWire Download Manager 4.2.6
  • LimeWire server scanner
  • Longhorn Transformation Pack 8.0
  • Lord of the Rings The Battle for Middle-earth 1.00
  • LostGoggles
  • LOTR
  • Madden NFL 2003
  • Madden NFL 2005 EA
  • Mafia
  • MagicScore maestro 3.5
  • Malice Mud Duck Productions
  • Mario Pinball Land Puzzle Nintendo
  • Mario Tennis
  • Matrix Screensaver
  • Max Payne 2
  • Max Payne 2 Fall Of Max Payne
  • Max Payne 2 The Fall of Max Payne
  • MaxPayne 2 The Fall Of Max Payne
  • McAfee VirusScan 9.0
  • McFarlanes Evil Prophecy
  • Medal Of Honor - Allied Assault
  • Medal Of Honor - Allied Assault BreakThrough
  • Medal of Honor Pacific Assault
  • Media Player
  • Medieval - Total War
  • Mega Man Anniversary Collection
  • Metal Gear Acid PSP
  • Metal Gear Solid 3 - Snake Eater
  • Midnight Club 3 - DUB Edition
  • mIRC 6.X
  • Monopoly 3
  • Morpheus
  • Mortal Kombat 4
  • Mozilla Firefox
  • MP3 Doctor 5.11.15
  • mp3DirectCut 1.38
  • MS Office XP Activation
  • MS Zoo Tycoon
  • MSN advert remover
  • MSN Messenger ( XP)
  • MSN Toolbar
  • MSN Toolbar advert remover
  • MusicMatch Jukebox Plus 9.00
  • MVP Baseball 2004 EA
  • MyIE2
  • NBA Live 2003
  • NBA Live 2004
  • NCAA Football 2005 EA
  • Need For Speed 5 - \3
  • Need for Speed Hot Pursuit 2 CDerator
  • Need for Speed Underground
  • Need for speed underground - nocd
  • Need for Speed Underground 2
  • Need for Speed Underground 2
  • Need for Speed4 - NOCD
  • NeedforspeedUnderground-nocd
  • Nero 6 Ultra Edition
  • Nero 6 Ultra Edition
  • Nero 6 Ultra Edition
  • Nero 6 Ultra Edition 6.6.0.1
  • NERO 6.6.0.1
  • Nero 6.6.0.1
  • Nero 6.6.0.3 Ultra
  • Nero Burning Rom 6.6.0.3
  • Nero Burning Rom Reloaded 6.6.0.1
  • Nero Burning ROM v6.x
  • Nero Reloaded 6.6.0.1
  • Nero Ultra Edition 6.6.0.1
  • NetPumper
  • NetPumper
  • Ninja Gaiden Tecmo
  • NOD32 2.12.1
  • Norman Virus Control 5.70
  • Norton 2004
  • Norton 2004 Professional activation
  • Norton 2004 Professional Edition
  • Norton 2005
  • norton 2005
  • norton 2005
  • Norton AntiSpam 2004
  • norton internet security 2005
  • Norton Personal Firewall 2005 retail
  • nVidia nTune 2005
  • Office 2000 Regmaker
  • Office 2003 Pro
  • Office XP Activation
  • Office XP Activation Killer
  • Office XP Professional
  • Office XP Professional Serial
  • Office XP Universal Activator v1.0
  • Onimusha 3 - Demon Siege Adventure
  • PageMaker v7.0
  • Paris Hilton Sex-E Screensaver 1.0
  • Partition Magic 8.0
  • Photoshop 7
  • Photoshop CS
  • Photoshop CS 8
  • PhotoShop CS 8.0 & ImageReady CS 8.0
  • PhotoShop CS v8.0
  • Photoshop Universal
  • PINNACLE STUDIO PLUS V9.3
  • Plus! Media Center Edition
  • Pocket Tanks 1.0
  • PornSnatcher 2.31
  • PowerDVD v5.9 Deluxe
  • Psi-Ops - The Mindgate Conspiracy Midway
  • Purge Jihad Freeform Interactive LLC
  • Quake 3 - The Arena
  • QuickTime
  • RealPlayer
  • RealPlayer
  • RealPlayer
  • Red Dead Revolver
  • RegClean 4.1a
  • RegCleaner 4.30.780
  • Registry Mechanic
  • Registry Mechanic
  • Registry Mechanic 3.0
  • Resident Evil 4 GC Adventure
  • Rise of Nations - Thrones and Patriots
  • Risk II 1.0
  • RM to MP3 Converter 1.21
  • RoboForm
  • RoboForm
  • Roller Coaster Tycoon
  • Rollercoaster Tycoon 3 3
  • RollerCoaster Tycoon and Attractions
  • RYL Second Life Linden Lab
  • Serial Generator v2.0
  • Serials 2000 v7.1 Plus (build 06.16.04)
  • server 2003
  • Server 2003 SP1 Build 1039-2l
  • SeXstazy 3.0.2.11
  • Shadow Ops - Red Mercury
  • ShellShock - Nam 67
  • shinoya Success
  • Shockwave Player
  • Silent Storm - Sentinels _No Company
  • Sim City 4 - Rush Hour
  • Sim City 4 Deluxe
  • Sim Theme Park World
  • Sims 2
  • Singles - Flirt Up ur Life
  • Sniff-em 1.12
  • Snood
  • Snood
  • Snood
  • Snowblind
  • Soldat 1.1.4
  • Soldier of Fortune II- Double Helix
  • SolSuite 2004 - Solitaire Card Games Suite
  • SolSuite 2004 - Solitaire Card Games Suite
  • Sonic the Hedgehog 3
  • Spider-Man 2
  • Spider-Man 2 GC
  • Sponge Bob Square Pants - Operation Krabby Patty
  • Spy Sweeper 3.2 147
  • Spybot - Search and Destroy
  • SpyHunter
  • SpyHunter
  • spyware doctor
  • Spyware Doctor
  • Spyware Doctor
  • Spyware doctor 2.1
  • Spyware Doctor 2.1.0.254
  • Spyware Doctor V3
  • Spyware Doctor v3.0.0.288
  • SpywareBlaster
  • Star Wars - Jedi Knight - Jedi Academy
  • Star Wars - Knights of the Old Republic
  • Star Wars Galactic Battlegrounds- Clone Campaigns
  • Star Wars Jedi Knight II - Jedi Outcast
  • Star Wars Jedi Knight II- Jedi Outcast
  • Star Wars Knights of the Old Republic II - The Sith Lords
  • Starcraft - Battlechest
  • Strip Poker 2004
  • Super dvd Creator 7.5 7.5
  • Super Mario Kamek - Magikoopa's Revenge 1.2
  • Sygate Personal Firewall PRO v5.5 Build 2577
  • Symantec Ghost 8.0
  • Symatec System Center V9.0.0.338
  • System Mechanic 5.0c
  • The Chronicles of Riddick - Escape From Butcher Bay
  • The Elder Scrolls III - Morrowind Game of the Year Edition Bethesda Softworks
  • The Legend of Zelda - Four Swords Adventures
  • The Legend of Zelda - The Minish Cap
  • The Legend of Zelda (working title)
  • The Lord of the Rings - The Battle for Middle-Earth
  • The lord of the rings the battle for middle earth
  • The Lord of the Rings The Battle for Middle-earth
  • The Lord of the Rings The Return of The King
  • The Sims
  • The Sims - Hot Date Expansion Pack
  • The Sims - Makin Magic Expansion Pack
  • The Sims - Superstar Expansion Pack
  • The Sims - Unleashed Expansion Pack
  • The Sims - Vacation Expansion Pack
  • The Sims 2
  • The Sims Clock 1.0
  • The Sims Deluxe
  • The Sims Double Deluxe
  • The Sims Vacation
  • The Suffering
  • The Suffering Midway
  • Thief - Deadly Shadows
  • Tiger Woods PGA Tour 2004
  • Tom Clancys Ghost Recon - Desert Siege
  • Tom Clancys Splinter Cell
  • Tom Clancys Splinter Cell Pandora Tomorrow
  • Tom Clancy's Splinter Cell Pandora Tomorrow
  • Tony Hawks Underground
  • Total Commander v6.03a PowerPack 25
  • Trillian
  • Trillian crasher
  • Trillian Pro v3.0.950
  • Tweak-XP Pro 4.0.2
  • Unreal Tournament 2003
  • Unreal Tournament 2004
  • Unreal Tournament 2004
  • Unreal Tournament 2004
  • Vampire - The Masquerade - Bloodlines
  • VirtualLab Data Recovery
  • VirtualLab Data Recovery
  • Virtuosa Phoenix Edition
  • Warcraft III - Reign Of Chaos
  • Warez P2P
  • Webroot Spy Sweeper
  • Webroot Spy Sweeper
  • WebRoot Spy Sweeper 3.5.0.189
  • WebSite Watcher v4.02
  • Winace 2.x
  • Winamp 5.03 Full
  • Winamp Full
  • WinDVD Platinum 5.0.26.23
  • WinMX
  • WinRAR
  • WinRAR
  • WinRAR 3.30 Corporate Ed
  • WinRAR 3.x
  • WinRAR All
  • WinRAR v3.20 Final
  • WinRAR v3.30 Final
  • WinRAR v3.41 Final
  • Winzip
  • WinZip
  • WinZip 9.x
  • WinZip All
  • WinZip All Versions
  • WinZip Self-Extractor v2.2
  • WinZip Self-Extractor v2.2 Patch
  • WinZip v8.0
  • WinZIP v9.0
  • WinZip v9.0 Registration
  • World of Warcraft
  • Worms Armageddon
  • WWE Day of Reckoning GC
  • WWE SmackDown! vs. Raw
  • XBOX X-Fer Ripper and Transfer
  • XP Activation
  • XP home edition Activation
  • XP Pro 64-bit
  • Xp Profesional Sp 2
  • XP Professional
  • XP Professional ( Corp key )
  • XP Slipstreamer v1.0
  • XP SP2
  • Yahoo Messenger
  • ZeroSpyware Lite
  • ZipGenius
  • Zone Alarm Security Suite 5.5.062
  • ZoneAlarm
  • ZoneAlarm
  • Zoo Tycoon
  • Zoo Tycoon
  • Zoo Tycoon - Complete Collection
  • Zoo Tycoon - Dinosaur Digs