Fizzer is a multi-vector worm on Microsoft Windows.

It has multiple methods of spreading, including an email or a KaZaA share folder. When Fizzer is spread through email, It may have a subject line in English, German, or French, but the bodies of the emails are in English. Attachments to the emails have random extensions; these include .com, .exe, pif, or .scr.


Fizzer's Icon


Computer running the Fizzer worm will begin having files "Infected", as well as copy itself to System32. Inside of System32, it would rename itself "iservc.exe" and "initbak.exe". Fizzer has the same icon as the KaZaA share folder, and infects files inside of the KaZaA folder. Mp3 and other types of non-executable files are replaced with Fizzer, and have .exe extensions, while having the original, but now compressed, files. It begins to spread by looking for emails in the Windows Address Book.