I get this too and i use XP no SP1:






I use a firewall and its not a stand alone program thats doign these ****ing popups, my friend is getting these too and he uses XP with SP1. An existing application must be doing this, maybe its windows, maybe its a really good hidden virus im not sure, just help!

It is a new type of SPAM and uses the Microsoft Messenger Service in your PC. It was designed for network administrators to send messages to their client machines with important information about their network. Unfortunately, SPAM propogators have managed to use this with a very simple command line. Windows has this feature enabled by default, but you can turn it off if you want. Here is a copy/paste from over at ipKonfig:
<hr>

The sad thing is, most anyone can do it. Net Send is a simple messaging service within Windows operating systems. Using such a feature requires no skill, and now those *CpOrUiGcHks* are doing it to those with constant connections, like Broadband users. Net Send is commonly used by WAN/LAN administrators to notify users. This simply pops up a screen on users' machines, displaying a message from the admin. Now, spam-prick-advertisers are using this feature.

Well, I've personally received two of these dang Net Send ads from some dang flower company. It's quite the annoying little popup, too. Net Send popups remain on the top of any windows applications, and don't go away until you click OK. Of course, it's lotsa fun to use at work for sending a message to your buddy, who may be 40 floors away.

C:\net send IP ADDRESS "your message here"

Example:
C:\net send 127.0.0.1 "Hey Frank, STOP SEARCHING PORN! :)"

You can also send Net Send messages by user name if the WAN/LAN is setup to allow user names.

Nevertheless, it's a tool. It's not enough to stuff tons of 'crap' in our emails, advertisers seem to need to make our lives more miserable.

Putting a Stop to all this?

You bet! Two ways to stop Net Send from reaching your computer:

1. Router
Routers are cheap, and provide the best protection against hackers and other miscellaneous intruders. They provide a 'hardware' firewall, allowing you to stay behind protection and enjoying your internet pleasures, whatever they may be. While your IP address can still be seen, routers simply put a stop at this point--you can be seen, but can't be touched.

2. Disabling the Messenger Service

Windows NT/2000/XP default to Messenger services enabled. To disable, do the following:

Click on START and then select Control Panel
Now click on Services
Within the Services, look for Messenger
Double click on Messenger
Bring down the Startup type: selection
Choose disable
restart the system

Disabling the Messenger service will completely stop any messages coming from anyone/anywhere. However, I don't recommend doing this in a business running TCP/IP on the network, as Administrators only use this as a notification tool, and printers running within the network use this feature as well, to notify users of printer errors.

I highly recommend home users with broadband disable this feature to put a stop to this abuse. If advertisers know people are blocking Net Send, maybe we can all sleep a bit better.
<hr>

Hope this helps you out a little. ;)

Here is a link discussing this: http://www.theregister.co.uk/content/4/27634.html

And better still, here is a link allowing you to Mass "Net Send" http://www.directadvertiser.com/ (although not available with the demo.)

This service is not just used for ads, there was a recent hoax with a message pretending to be from Microsoft, telling the user that their IP had been logged and that MS would contact them soon in regards to pirated software on their machines

Just another annoyance that the average user cant protect himself from.... (BTW I've never recieved one of these messages, I always turn messenger off when I install... However I have to admit that its a nice idea....)

Where is "Services" in Control Panel?

I don't see it on any of my computers.

In Win XP Pro you can find services by clicking on Administrative Tools in the control panel.

I say disable the damn messenger service. Last thing you need in a corporate environment is the CEO caliing the help group because he/shee has 50 pop up messenger messages advertising everything from porn to long distance to credit repair..

Actually it is rare that you would be plagued by something like this in a corporate environment. A hardware based firewall knocks out this from working from an outside source. And besides, it was designed so that a Network Admin could throw out a mass message to all his clients telling them some important info... like the fact that a server would be down through a given time frame. Just a way to save him from getting a million calls from the client machines operators crying that the system was down.

I guess you haven't been to any web sites that have scripting which runs net send * on your local machine to pop-up messages on all the PCs in your workgroup/domain.

I've had it happen 3 times so far at work. mostly due to someone surfing for pr0n on a work PC, but its annoying none the less.

Does your network utilize a hardware based firewall? If so, then it may need some configurations changed up. And no, I have not had any of these popups you talk about... and this is a network with literally hundreds of users and all have direct access to the internet.

Thanks I was wondering what the hell that thing was.

Actually the firewall doesn't matter as these messenger windows are created by a script running on a local machines' web browser.

In other words your PC has messenger service running. you view a web site with a naughty script. the script runs on your machine and does the net send. the only thing required on your end is that your machine can run the script on the web site whether it be vbs, wsh, js, bat ,cmd, pl, etc..

really with all the vulnerabilities in most web browsers it is amazing the kind of stuff you can get them to do with the right tools..