W32.Row@mm

W32.Row@mm is a mass-mailing worm that uses Microsoft Outlook to send itself to all the contacts in the Outlook Address Book.

The email has the following characteristics:

Subject: Fw: Security note #526272
Message:
--------------- This is a forwarded message ---------------
> Original message from <support@af-solutions.com.uk>
> Dear custommer.
> Please read the attached data security note #526272/C.
> As a registered user of our data security / antivirus suite,
> we send you the latest security information. It is highly recommended
> that you read the information card and keep it in a safe place.
> Note also that you may freely distribute the card to your friends
> and collegues which is highly recommended too.
> If you do not wish to receive any further information, please read
> the file for instructions.
> At your service:
> Dr. Ivor Davis
> Senior researcher.
> Artificial Solutions Corp.
> Birmingham B42 2PA. UK.
> 12 Winston Road, Olton,
Attachment: security.exe

The worm also attempts to spread itself through the IIS Web server by tricking the users into downloading the worm.

This threat is written in the Microsoft Visual Basic programming language. It may be compressed with PECompact.