Ok, if you haven't seen this thing already it's at www.netguarder.com . What it does is broadcast ads over an IP range using an unaddressed vulnerability in XP's Messenger feature. Firewalls can't stop it, and there's no on-machine program or registry to remove. Disabling XP's Messenger feature will stop it, but if you want the feature turned on, there appears to (as yet) be nothing you can do about it. As far as I've seen, the aboveground isn't even aware of this yet, and the underground seems to have limited its interest to cracking the shareware version.

So, does anyone have any more information? Fixes that leave Messenger intact would most desired, but beyond that, this thing fascinates me. It's really nefarious. I want to learn more about it: where it came from, whether anyone's noticed it, whether (as I suspect) the company that sells it is located in some obscure country more or less outside the law, etc, etc, etc. Thanks.