Windows – Bizarre caching of “dead” DNS entries; where is this cache stored

arp, dns, networking, windows, windows 8.1

This has really got me stumped.

Advanced IP Scanner has the ability to show "dead" entries—devices that were at some point visible on the network, but which are no longer reachable.
Specifically, I can see the devices' last-known host names, NetBIOS names, IP addresses, MAC addresses, and even manufacturers.

This wouldn't be so weird if it weren't for the fact that I still see these even if I disable my network card, clear my DNS cache, and reboot while still disconnected from any network. I don't see this information anywhere else… not in ipconfig /displaydns, not in arp -a, not anywhere else.

The fact that this information persists across reboots and network disconnections implies it has to be stored somewhere on my computer itself.
For the life of me, I cannot figure out where these entries are stored. I've searched the registry, the files in my \Windows folder, the application's files, etc. but the entries are nowhere to be found.
Furthermore, I've even tried using Process Monitor, API Monitor, etc. to monitor the API calls, but I still cannot figure out where this information is coming from.

Where on my system are these dead entries stored?

Please note that I am NOT asking how to hide the information or anything else. I'm specifically trying to figure out where they are stored on my system.

Best Answer

Our investigation with OP finally narrowed down to the particular file that is responsible for keeping the mysterious dead entries.

The results of previous scans are kept in the file advanced_ip_scanner_MAC.bin, which in turn is stored in %AppData%\local\temp\Advanced Port Scanner 2. (It keeps text as Unicode characters, so it is not trivial to find if one is searching for ASCII strings.)

Advanced IP Scanner uses this file to show disconnected devices that were found by previous scans as dead entries. This could be useful if one needs to wake up some devices over WOL, but it could be annoying if you travel between job sites and see such dead entries from other networks. So if you don't need to keep the results of previous scans, simply delete or rename this advanced_ip_scanner_MAC.bin file.
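The answer's remark that the file keeps its text as Unicode, which an ASCII string search misses, shown as an added example (not part of the original answer and not Advanced IP Scanner's code): a search for a known host name under a directory in UTF-8/ASCII and both UTF-16 byte orders. It assumes "Unicode" means UTF-16, as is usual on Windows; the sample file, its layout and the host name `OFFICE-PRINTER` are constructed and do not reflect the real file format.

```python
import os
import tempfile

# Assumption: "Unicode" in Windows tooling usually means UTF-16LE; BE is tried too.
ENCODINGS = ("utf-8", "utf-16-le", "utf-16-be")

def find_string(root, needle, chunk_size=1 << 20):
    """Return (path, encoding, offset) for the first hit per encoding in each file."""
    if not needle:
        raise ValueError("needle must not be empty")
    patterns = {enc: needle.encode(enc) for enc in ENCODINGS}
    overlap = max(len(p) for p in patterns.values()) - 1
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                hits.extend(_scan_file(path, patterns, overlap, chunk_size))
            except OSError:
                continue  # locked or unreadable file: skip it
    return hits

def _scan_file(path, patterns, overlap, chunk_size):
    found = {}
    with open(path, "rb") as fh:
        base, tail = 0, b""  # base = file offset of the chunk about to be read
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            window = tail + chunk  # keep a tail so matches spanning chunks are seen
            for enc, pat in patterns.items():
                pos = -1 if enc in found else window.find(pat)
                if pos != -1:
                    found[enc] = base - len(tail) + pos
            base += len(chunk)
            tail = window[-overlap:]
    return [(path, enc, off) for enc, off in sorted(found.items())]

def demo(chunk_size=1 << 20):
    """Constructed sample: a host name stored as UTF-16LE inside a binary file."""
    with tempfile.TemporaryDirectory() as root:
        blob = b"\x00\x01\x02" + "OFFICE-PRINTER".encode("utf-16-le") + b"\xff"
        with open(os.path.join(root, "cache.bin"), "wb") as fh:
            fh.write(blob)
        return [(os.path.basename(p), enc, off)
                for p, enc, off in find_string(root, "OFFICE-PRINTER", chunk_size)]

if __name__ == "__main__":
    print(demo())
```

Pointing `find_string` at a profile or temp directory with a host name seen in the scanner's dead entries reports which file holds it and in which encoding.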
