放任されたポケモンピカチュウのワーム／Pokemon Pikachu Worm on the Loose

A new internet worm entitled "Pokemon" is slowly infiltrating system around the Internet through email. The Pokemon worm, named after the image of one of Nintendo's Pokemon cartoon characters, propagates through Microsoft Outlook's MAPI subsystem in a similar manner to the LoveLetter worm where the worm is spread via a file attachment. The worm does not affect users of Outlook Express. This worm is also known as: W32.Pokey.Worm, Pokemon, I-Worm.Pikachu, Pokey.bat, Pokey.



Notice The worm arrives in email with a message subject that has a subject that reads "Pikachu Pokemon". The attached file is an executable program entitled "pikachupokemon.exe" that contains an icon similar to Pikachu, a Pokemon character. Once the executable is run the worm displays an animated image of Pikachu (See above image.) and attempts to send email to all people listed in the user's address book. The worm also modifies the user's autoexec.bat file to delete the contents of the Windows and Windows\System directories.
Needless to say, we reccomend you do not open this email and just delete it if you recieve a copy.

At the time of this writing Symantec, Trend Micro, and Sophos had data files available to remove and protect against the Pokemon worm. Be sure to check with your anti-virus vendor of choice to obtain the most current data files. More details can be found on Symantec's Web Site.