Identity Theft Follow-Up Question

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I've posted on this group several weeks ago regarding identity theft.
If anyone can identify whether the inability to delete the following
program (an interactive display-monitor "cat" downloaded for a young
relative over Christmas) could be malware, spyware, or benign, I'd be
particularly grateful.  The laptop is going back to the manufacturer,
and I'm considering a hard drive wipe-out I'd really rather avoid. /

Thank you.

Re: Identity Theft Follow-Up Question

Hash: SHA1 wrote:
Quoted text here. Click to load it

Well I gave it a look and couldn't find any evidence of that program doing
wrong but its vendor, , does seem to produce
spyware programs. Try doing a web search for "adtoolsinc spyware".

Screen Mates ( ) are small executable programs
distributed through e-mail. They display a humorous presentation, followed
by one or more banner ads. These banners are embedded in the application
and when clicked, will take you to a pre-defined web page. Newer versions
of the software silently connect to the Internet and exchange information
with a remote server."

I saw no evidence of Felix trying to connect to the Internet although I
believe it is linked into some Windows DLLs that provide Internet
connection of some sort.

If you can't delete it this could be a result of it running - I haven't
read your original thread but have you tried starting the computer in Safe
Mode and deleting it?


Adam Piggott, Proprietor, Proactive Services (Computing). /

Please replace dot invalid with dot uk to email me.
Apply personally for PGP public key.
Version: GnuPG v1.4.2 (MingW32)


Re: Identity Theft Follow-Up Question

Adam Piggott wrote:
Quoted text here. Click to load it

Adam, thanks.  If I had a nickel for the times I've tried to boot my
laptop in Safe Mode following age-old F8/F8/F8 instructions--and
FAILED--I'd--  Well, I'd have quite a few nickels.  I'll have to see if
IBM has a special protocol for booting in Safe Mode.

Again, thank you.

Re: Identity Theft Follow-Up Question

Hash: SHA1 wrote:
Quoted text here. Click to load it

If you can't get Safe Mode working (which would be worth learning how to
do!) try using the Task Manager or Ctrl-Alt-Del menu (depending on Windows
version) and ending "felix.exe". If there's no sign of it or you can't, try
using Sysinternals' AutoRuns[1] to locate and delete/turn off the program's
"start with Windows" entry.



Version: GnuPG v1.4.2 (MingW32)


Re: Identity Theft Follow-Up Question

Quoted text here. Click to load it

The "Safe Mode" thing is an OS thing. IBM may have a special relationship
with the BIOS or other firmware, but the OS software would provide the
way into safe mode. Some OS software is kept from version to version to
provide backward compatibility, so I wonder if this legacy code from the
Win95 "Safe Mode" feature is retained in later (even NT?) versions. Try
holding down the shift key while the OS is booting.

It would be interesting to know what versions of Windows this still works

Re: Identity Theft Follow-Up Question

Quoted text here. Click to load it

Actually, XP does.   It's a checkbox in MSCONFIG.

Go to Start, Run, type MSCONFIG and press enter.   Click on the BOOT.INI tab
and check "/SAFEBOOT".  Click OK, and restart the system.

When done, simply rerun MSCONFIG and remove the checkbox.


Re: Identity Theft Follow-Up Question

Patrick Keenan wrote:
Quoted text here. Click to load it
I've used this and it works fine.


Re: Identity Theft Follow-Up Question

Thanks, everyone.  F8 finally worked.  Felix the Cat is g-o-n-e, and
now I feel kind of guilty for getting rid of him.  Equal time for
dogs--now I must get rid of the equally adorable Must Love Dogs film

Can one assume that *any* program downloaded from the Internet is
benign?  I am so gun-shy now, re-registering all private financial,
personal, and medical information on pertinent sites.  If anyone can
refer me to the best layperson-friendly site where I can get a full
explanation of "trojans" and how they operate, at least I would feel I
am not fighting my identity thiefs entirely blind.

What I do not understand is how a major technology company could tell
me my social security number has been co-opted by someone (whom they
won't identify), somewhere (which they won't specify), for merchandise
(whose nature I cannot learn), at some point in time (when is entirely
a mystery)...and then not have my credit destroyed with the major
credit bureaus.  I have had my checking account misappropriated online
to pay a huge cell phone bill at Cingular; the checking account
information has nothing to do with my social security number.  I cannot
discern how one identity thief could rape you with a social security
number misappropriation and another with account numbers that are not
connected to that federal item.

An FBI agent told me--I am not making this up--that identity thiefs, no
matter how large the scope or potentially germane the theft may be to
national security issues, may or MAY NOT be investigated.  This young
woman said "Do you want me to tell you what you want to hear or do you
want to know the truth?  The truth is that your case may not be
investigated at all."  That would be fine with me if I could defend my
computer, but I don't know where the attack has come from.

I'm writing all this not because this is a Lonely Tech Hearts'
newsgroup but because I do not know where this assault on all my
personal information eminated from.  I am terrified and overwhelmed by
the idea of going back to pre-Net days in regard to managing personal
finance and correspondence. .

Re: Identity Theft Follow-Up Question

On 18 Jan 2006 15:29:30 -0800, wrote:

Quoted text here. Click to load it

Not my government (or rather, not supposed to be) but AFAIK the FBI
investigate only when financial impact exceeds a particular value.  

That's why it's so safe for perps to rob just under that threshold
from thousands of places; if no two victims are connected, the damage
never attracts FBI interest, and if no-one investigates, the chances
of two victims being linked to the same perp are small.

Quoted text here. Click to load it
   Don't pay malware vendors - boycott Sony
Quoted text here. Click to load it

Re: Identity Theft Follow-Up Question

cquirke (MVP Windows shell/user) wrote:
Quoted text here. Click to load it

Thanks for letting me know this.  I just wish there was some Public
Service Announcement on t.v. that followed all those hardy-har-har
Citibank (et al) commercials about identity theft.

It's *real* comforting knowing that DELL refused me credit based on the
fact my social security number is actually a "business account" in
arrears over sixty days--multiple accounts--but refuse to identify who,
what, when, where, or how.  Or report this to any of the credit
bureaus.  For all I know, the technology "I" paid for--according to
them--may be in a cave somewhere in a "-stan" far far away.

I'm so glad we have a Department of Homeland Security.

Re: Identity Theft Follow-Up Question

Quoted text here. Click to load it

A more convenient way would be to use BootSafe:


Re: Identity Theft Follow-Up Question

 AKA on 1/18/2006 in
thought,came up with this jewel:

Quoted text here. Click to load it
******************Reply Separator*************************

I have a program listed on my site that will make booting into
safe-mode easy for you. It is called BootSafe,written by Nick
Skrepetos. You can find a link to it here: /
Virus Removal Instructions: /
Keeping Windows Clean:
Windows Help:
Specific Fixes:
Forums for HiJackThis Logs:
To reply by e-mail change to is setup specifically for use in USENET
feel free to use it yourself. Registered Linux User #393236

Site Timeline