We had a user using netsend to send obscene messages to other users on our network; howerver, the message was tagged as coming from a computer that doesn't exist. We then used look@lan to scan the network for that netbios name. We found it attached to a computer that had a manchine name that did not match. After rebooting the computer it went back to the machine name and the netbios name matching. This is in a windows 2003 domain network with wins running on one of the domain controllers. Additionally the comptuer was frozen with faronics' deepfreeze. We found out which computer it came from but I really want to know how they did it.