I know my employer has ways to monitor everyone on the network. There are approx. 1300 people in my department. Nearly everyone is either assigned a machine or has access to one. Anyway, the other day a coworker said he got something that was creating multiple popups. Our Systems people are lacking or too busy to help so I have him run an online spyware scanner and it finds and removes a few different spyware programs, including one called WinWhatWhere. A few days later I decided to do the same thing on my machine and the scanner finds the same WinWhatWhere. I let the scanner remove it before I realize it is the same thing that was removed from my cowoker’s machine. So, I decide to find out exactly what “WinWhatWhere” is actually about. It turns out it is a commercial keylogger that apparently my employer was using to monitor our system usage. Natuarly, since I had the online scanner remove a pertinent file for the spyware, it is no longer operational on my machine ;D
What is going to be interesting to see IF and when the Systems people ever detect that my machine is no longer participating in this invasion of privacy or whether or not they either reinstall it or ask if I have any knowledge on why it quit working on my machine, which would defeat the secrecy behind the program running in the background in complete secrecy ;D
To the best of my knowledge Antivirus programs as well as Spybot and Ad-Aware don’t detect WinWhatWhere because it is a “commercial” keylogger.
Here is a definition of WinWhatWhere
http://www.spywareguide.com/product_show.php?id=28
Here is the online spyware scanner
http://www.spywareinfo.com/xscan.php
Here is an in-depth review of WinWhatWhere