In my brief research I found a reference to the 'intercom.exe' file on a website located in the Netherlands. Upon downloading the file and taking a quick look. It appears to be animated joke, but I found no reference to 'websniffer' within the file or anywhere else. Of course I am aware one such websniffer application that uses two perls scripts (and TCPDump) to sniff webtraffic.

My current guess is that you may have a file (intercom.exe) that was wrapped with an app (websniffer) designed to capture the web surfing habits of the user(s) at the system in question or possibly within the subnet itself.

Web Sniffer acts as a proxy server which allows you to view all incomming and outgoing requests under the HTTP protocol.Web Sniffer DOES NOT currently support HTTPS connections. It supports HTTP connections only, even Yahoo IM (set to behind firewall mode).This is mainly to be used as a testing/debugging tool or to monitor web connections when you think something weird may be going on. Since this program is not 100% error free, and working with the HTTPS protocol, I wouldn't recommend using it ALL the time. Unless you just do simple browsing. But if you need to login to secure connections, even Hotmail you need to use HTTPS.You can simply uncheck the proxy in internet explorer to continue using the web and bypassing Web Sniffer.Setup:In internet explorer, go to your connection settings and enter either your local IP address, or computer name and port 80.Run Web Sniffer, and your ready to go.Web Sniffer will slow down your Internet requests since it caches all requests and responses to the hard drive.

Windows 95/98/NT Users

1. From your START menu, choose "Find"
2. Choose "Files or Folders"
3. Be sure the drive selected in the prompt box labeled "Look In" is the drive that you installed your program on (typically the C drive).
4. In the prompt box labeled "Names", type in "Newsfl*sh*" (without quotes)
5. Choose "Find Now"
6. Select ALL of the files that it finds (by going to Edit | Select All)
7. Choose "File"
8. Choose "Delete"
9. Answer "Yes"
10. In the prompt box labeled "Named" replace the word "Newsfl*sh*" with the word "Intercom" (without quotes)
11. Repeat Steps 5 through 9 to delete all of the Intercom files, if there are any found.
12. Empty your "Trash" or "Recycle Bin"