Bill Clinton virus attempts to delete files

Despite George W. Bush being in office as U.S. President for over a year, his predecessor Bill Clinton returned Friday to plague e-mail inboxes everywhere.

A new e-mail virus which promises users a “vvvery verrrry ffffunny” caricature of Clinton is making the rounds online Friday, according to Corp., and, if run at a certain time of day, the virus attempts to delete a large number of system files. The virus, which appears in inboxes with the subject line “bill caricature” also includes an attachment called “Cari.scr,” said in its virus alert. When double-clicked, the attachment launches the virus, sending itself to everyone in a user’s Microsoft Corp. Outlook e-mail address book, and installs itself on the PC.

When the infected PC’s system time is between 8 a.m and 9 a.m., however, the virus attempts to delete a large number of files, including a number of those in the C, D, E and F directories, files ending with .sys and .vdx, according to April Goostree, virus research manager at

The body of the message sent by the virus reads “Hiiiii (…) How are youuuuuuuu? look to bill caricature it’s vvvery verrrry ffffunny 🙂 🙂 i promise you will love it? ok (…) buy.” The virus also attempts, however lamely, to hide its true nature be ending the e-mail with “========No Viruse Found======== MCAFEE.COM.”

Despite the attempt to make the e-mail appear as if it has been cleared of viruses by, Goostree said that this is not the case. The Clinton virus’ invocation of a security company’s name echoes the Gibe virus, which was discovered in early March and masqueraded as a security bulletin from Microsoft.

McAfee has the virus classified as medium risk, with about 100 samples of the virus coming in overnight from Australia and 20 in the U.S. by midday Friday. The file deletion aspect of the virus means that it merits attention, however, she said.

Luckily, because of the spelling errors in the e-mail and the use of standard mass-mailer virus elements, Goostree does not expect the virus to spread very far.

“People are pretty hip to (those tricks),” she said.

Users are urged to update their antivirus software immediately and not to double-click unexpected attachments.