Re: Netbios records (602 lifetime)

Not that I know of. I assume your tried Nbtstat -R to remove them. The other
thing I would check is to see if there are entries in the lmhosts file for
those entries making them persistent. Lmhosts is located in Windows [or
Winnt]\system23\drivers\etc folder. --- Steve

-R : Purges the contents of the NetBIOS name cache and then reloads the
#PRE-tagged entries from the Lmhosts file.

"Mark" <Mark@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
Thanks, is their something important about the 602 life of the cached

"Steven L Umbach" wrote:

I would not rely on nbtstat to tell you if a computer has malware or
spyware. Using netstat -an will give you a better idea of port activity
a utility like the free TCPView and Tdimon from SysInternals would be
yet showing what processes/executables are associated with the port use.
also like Process Explorer as it can show the publisher of the executable
used for a process which can help identify it. If you do not see a
name then the executable/process could be suspect though not always.
you suspect and infection be sure to run a virus and spyware scan using
latest definitions for whatever you use to see what they find. ---
Steve --- TCPView and link

"Mark" <Mark@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
I have a general suspicion that a pc is infected with some spyware or a

NBTSTAT -c lists a load of records for PC's in the organisation that
this machine has no reason to connect to.

The records are <20> and have a life of 602 seconds.

I cannot flush them, nor does the 602 decrement in any way.

Spyware, Virus or config?

Many Thanks in advance