Expert: Carolyn Meinel - 7/7/2005

Question
Hi Carolyn;

Windows XP/IE 6.0
I had a serious virus issue with my PC. I took it to my tech guy and now I'm back up and running smoothly. A large file still exists on my hardrive and I'm curious to why it wasn't removed and what it is. It's called deal helper and it's 2,966MB. What is it? Can I go ahead and remove it. I've been told it's spyware/adware.
Thank you in advance for your assistance.
Valerie

Answer
You are absolutely right, Deal Helper is spyware. Worse yet, whenever you are online, it has the power to download other adware or spyware programs. So if you've been online since the tech guy worked on your computer, there's a good chance that Deal Helper has filled your computer up with all sorts of nasties. Look at it as the mother of all spyware programs! The way it works is that whenever someone launches the Internet Explorer browser on an infected computer, it loads Deal Helper, and then Deal Helper uses the Internet to download programs onto your computer.

It might not be easy to remove. Many spyware programs, like viruses and worms, hide versions of themselves and reinstall whenever you delete what appears to be the program.

So if just deleting this file doesn't work, for instant free help, try removing it with Ad-aware, http://lavasoft.element5.com/software/adaware or Spybot Search and Destroy, free from http://www.safer-networking.org/en/download/ You can use both together if you wish because they are compatible. In addition, if you are more of a power user, you can install BHODemon. It is free from http://www.definitivesolutions.com/bhodemon.htm It enables you to control the "browser helper objects" of Internet Explorer (IE), which are what launches Deal Helper.

To avoid future infections, you can use a safer browser such as Firefox, free from http://www.mozilla.org Deal Helper is only able to infect computers through IE.

If this doesn't work, let me know and we can explore some more painful ways to get rid of it.