Two Hallmark Card Virus Variations

[ad name=”new”]

The Hallmark card virus has gone through many variations. According to this wonderful and informative blog post called “Everyone Loves Me” two of the variations are NuWar and Zapchast. These were created by two separate groups of malware creators. Read the post to find out more. Click here.

The Zapchast variant downloads directly from a link in a bogus e-mail. The e-mail usually tells you a generic someone (friend, family member, old classmate) sent you an e-card. Someone did send you an e-mail, a bad someone, who is not your friend, but your enemy. They do not love you; they want to takeover your computer and make money off you. Fraudulently. Clicking the link downloads and installs a chat application (software) in your computer (much like an Instant Messenger) that can be used to control your computer remotely. So after you download the link someone (bad guy) can come into your computer and control it.

[ad name=”new”]

Here are two different methods to fix these viruses:
1. Click here for Method one.

2. If that doesn’t work with the variation you have, try this one:
Click here for Method Number Two. The post talks about Vundo but will work also with the Hallmark card virus.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Be Careful on "Hallmark and Postcard.exe virus removal" Searches

[ad name=”new”]

I’m concerned. Today while researching the Hallmark card and postcard.exe virus, I got these results on Google.

Google Results for

Image of Google Results

The highlighted result in the middle leads to a download site for Windows XP Antivirus 2008/2009, a rogue Antivirus that is really a deadly virus for your computer. I mean a nasty.

So this is the dramatic scenario, my innocent ducklings, you receive a Hallmark card or other e-card e-mail. You know you are not supposed to open attachments on e-mails especially those ending with .exe or .dll but on this e-mail there are none. So you feel safe. There is a link, however, for you to see the Hallmark card (or other e-card) someone sent you. You click the link. Instead of an ecard, your computer fills with the Hallmark card virus, and depending on what variant you download, a pretty bad virus.

Your computer is now looking and acting strange. You’re worried. You search online for solutions. You search for “Hallmark card virus removal”. You get results such as the ones above. You may luck out and click Ducktoes or another legitimate antispyware site or you may click a link to the fraudulent rogue anti-virus Windows XP Antivirus 2008/2009 above. Immediately your computer starts to fill with an even more lethal virus. So now you have one bad virus and one very bad virus.

The fraudulent website looks like this:

Bogus Antivirus Site

Bogus Antivirus Site

Now Ms. Ducktoes has to go to her day job fixing computers and get back to this later. Please be careful until then. Let me know what’s happening to your computer right now, so I have more information on what new variants there are and the type of frustation and problems you’re having, so I can help you more effectively.

Click on the Comment or No comment tag below. Or e-mail me at [email protected]

And the virus removal techniques in yesterday’s post about How to Fix Vundo in Safe Mode should also be quite effective agains the Hallmark Card and Windows XP Anti-virus. Give them a try. Until later.

Also I’m curious. What spyware or virus are you struggling with right now? Or if you don’t know, what symptoms do you have? I invite your comments. Comment here.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Hallmark Card Virus Fix and Removal

[ad name=”new”]

Many, many people are coming to this blog site looking for a fix for the Hallmark card virus. So it’s not a hoax!!! (The hoax part is that the virus will wipe out your hard drive. It doesn’t. But it does make a mess.) The e-mails going out purport to be a link to Hallmark card, read more here (see this post), and if you click that link, you’ll get a direct download of a virus.

If you already have the Hallmark Card virus, there is a fix, or several of them. Usually, normal virus software will remove it. Here are some free anti-virus software that will do the trick. Make sure your software is updated first, after you install and before you run the scan. Without virus definitions, it’s impossible to catch anything.

First to get rid of the virus use one on these antivirus software:

AVG 8 Free for Personal Use
Dr. Web CureIt

Then use this antispyware:

Virus software is not enough. You’ll also need an excellent anti-spyware tool. Call me at 403-483-0105, if you have any questions. (Please, not in the middle of the night in Canada, however!)

[ad name=”new”]

Now if your computer is so bad already it won’t allow you to download anything, you’ll need to go into safe mode.
1. Restart your computer and tap the F8 key repeatedly. Soon you’ll get to a screen that has many different options.

2. Pick the one (use your up and down arrows to move) that says Safe Mode with Networking.

3. A long list of drivers will scroll down the screen. Then you’ll be given and option of Yes or No. Pick Yes, you do want to go into Safe Mode.

4. Now open your browser such as Internet Explorer or Firefox. And type in Find this post Hallmark Card Fix. And click this link to download Malwarebytes Antispyware.

5. Run and update the program. Make sure you update it first. If your computer (actually the virus or malware) won’t let you update it, run it anyway. Do the quick scan first. Remove the malware it finds and restart the computer and then run it again. If you can update it on the second time, update it and run it again, this time do the full scan.

Then go to the top of this blog post and install one of the antiviruses and the SuperAntispyware.

Good luck and let me know what works or doesn’t for you. Also let me know if it’s hard to download the antispyware. How bad is the virus? Click here to comment.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Dangerous New Trend, Serious and Urgent Alert!! Don’t click that link!!

[ad name=”new”]

Ms. Ducktoes is in a flap and a flutter because right now there is a new type of spyware danger that is so new it is causing a bit of havoc and making all of us anti-spyware professionals work overtime. Thousands of computers are infected. Phoney e-mails that purport to be from friends or legitimate businesses encourage the victims to click a link. This will initiate a download of a most dangerous group of spyware and viruses. One is a trojan horse that lets the criminal hacker take over your computer and control it remotely. Others will install a back door in your computer that gives hackers access to do even more damage or add even more spyware. Still others tell you, in a warning on your desktop, that you have spyware, and try to get you to buy a rogue anti-spyware, that will give you even more malware.

I have received three of these phoney, dangerous e-mails. One told me a friend had sent me a Hallmark card that linked to a nasty download of binary code (trojan). I already wrote a blog about that one. Read it here.

Another, my cousin Jack warned his friends and family about, a postcard e-mail that links to a virus download. Here is his e-mail:

Please be careful of the upcoming virus.

Big Virus coming

Hi All, I checked with Norton Anti-Virus, and they are gearing up for this virus!

I checked Snopes (URL above:), and it is for real!!

Get this E-mail message sent around to your contacts ASAP.


You should be alert during the next few days. Do not open any message with an attachment entitled ‘POSTCARD,’ regardless of who sent it to you. It
Is a virus which opens A POSTCARD IMAGE, which ‘burns’ the whole hard disc C of your computer.

This virus will be received from someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts It is better to receive this message 25 times than to receive the virus and open it.

If you receive a mail called’ POSTCARD,’ even though sent to you by a friend, do not open it! Shut down your computer immediately.

This is the worst virus announced by CNN. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus.
This virus simply destroys the Zero Sector of the Hard Disc, where the vital
Nformation is kept.


While the e-mail is incorrect that the virus will burn a hole in your hard drive, it may cause you to have to get your hard drive reformatted, which will indeed burn all your data, which is essentially the same thing. Also it lets the attackers take control your computer. The trojan is very difficult to remove. The e-mail is confusing a few viruses and hoaxes but is a good warning nevertheless, since it lets everyone know not to open the postcard e-mails. I did receive one this week so it’s definitely making the rounds.

The third one I received–today–was supposedly from Paypal. It said my account had been limited. But the link to fix the account limitation problem was—again, you guessed it—a link to a download of nasty virus code.

So the Phishers and Hackers have stepped up their attacks with a new method. Instead of just getting your passwords and account numbers and credit card numbers as they do in regular phish e-mails and websites, now they give you an immediate download of binary code.

[ad name=”new”]
Readmy guide to preventing spyware. Or the Self-Help tutorials here.

Please feel free to comment. I invite all comments. Or let me know what your experience is with e-card viruses. I’d really like to find out what is going on in the larger world.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Trojan and Virus Alert! Phoney Hallmark E-card!

[ad name=”new”]

Yesterday I received an e-mail purportedly from Hallmark cards telling me a friend had sent me an e-card. I immediately knew it was fake but was surprised that it led not directly to a phish (phoney) website but to a trojan download. So don’t click the link; it’s not from a friend but a cyber-criminal.

I cut and pasted the e-mail here in italics. (Notice the error in the subject line, “send” instead of “sent.”. Often fraudulent e-mails have misspellings or display poor English.)

From: “Hallmark Cards”
Subject: You have a card send from a friend!
Date: Mon, 5 May 2008 03:18:53 +1000
Hello ,
A friend has sent you a Hallmark Ecard
Click here to view your Ecard .
If you would like to return an Ecard to him simply go to
in association with
Hallmark Cards
Your privacy is our priority. Click the “Privacy and Security” link at the bottom of any page on to see our privacy policy.

The link to view the e-card immediately initiated a download of the malware trojan horse . So beware an e-card from a unspecified or generic friend. I suspected something was amiss because the misspelling of “send” instead of “sent,” an unlikely error for a major retailer like Hallmark. Also it didn’t say which friend had sent it, which e-card e-mails usually do.

Click here to see what Hallmark says about these fraudulent e-cards.

[ad name=”new”]

I knew it was a phish (fraudulent) and wanted to report it to Phishtank so that is why I clicked the the link. However, instead of taking me to a phoney website, it started downloading the spyware immediately. To click the link, I deliberately used a Mac as a precaution. Macs are not susceptible to most spyware. Afterward, I ran my Mac virus software anyway. But I thought I would warn you. I still don’t know how to report it to Phishtank. I wrote to them but they didn’t write back. Sigh. Another unrequited relationship for Ms. Ducktoes.

Zapchast Trojan is the trojan. It is the most dangerous kind. It allows the criminal to take control of your computer. Click here for removal instructions. They are difficult, I warn you.

Also see this Ducktoes blog post on fixing the Hallmark Card malware. It will tell you some free or trial antispyware programs that will fix the Hallmark virus.

Or you can use Spyware Doctor with Antivirus. I am a reseller for this product, and it will work very well although it isn’t free. Spyware is getting worse and worse and Spyware Doctor is the highest rated antispyware. It will fix your problem.

[ad name=”co-2″]

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather