rpcapd.exe
WinPcap by CACE Technologies (Signed)
Overview
rpcapd.exe has 2 known versions, the most recent one is 4.1.0.2001. It is started as a Windows Service called 'Remote Packet Capture Protocol v.0 (experimental)' with the name 'rpcapd' and described as “Allows to capture traffic on this machine from a remote machine.”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The average file size is about 114.52 KB. It is an authenticode code-signed executable issued to CACE Technologies by the certification authority VeriSign. The programs OpenOffice.org 3.1, WinPcap 4.1.1 and Spotnet Launcher have been observed as installing specific variations of rpcapd.exe. During the process's lifecycle, the typical CPU resource utilization is about 0.0001% including both foreground and background operations, the average private memory consumption is about 2.28 MB with the maximum memory reaching around 4.72 MB. Addionally, typically read and write I/O disk operations is about 8 Bytes per minute for reads and 0 Bytes per minute for writes.
What is rpcapd.exe?
WinPcap allows applications to capture and transmit network packets and consists of a driver, that extends the operating system to provide low-level network access, and a library that is used to easily access the low-level network layers. WinPcap comes with Remote Capture capabilities.This requires a remote daemon (called rpcapd) which performs the capture and sends data back and a local client that sends the appropriate commands and receives the captured data.
About rpcapd.exe (from CACE Technologies)
“WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additi”
 Details
|
| File name: | rpcapd.exe |
| Publisher: | CACE Technologies, Inc. |
| Product name: | WinPcap |
| Description: | Remote Packet Capture Daemon |
| Typical file path: | C:\Program Files\winpcap\rpcapd.exe |
| Certificate |
| Issued to: | CACE Technologies |
| Authority (CA): | VeriSign |
| Effective date: | Tuesday, May 6, 2008 |
| Expiration date: | Saturday, May 7, 2011 |
| Windows Service |
| Service name: | rpcapd |
| Display name: | Remote Packet Capture Protocol v.0 (experimental) |
| Description: | “Allows to capture traffic on this machine from a remote machine.” |
| Type: | Win32OwnProcess |
Programs installed in
(Note, the programs listed below are for all versions of WinPcap.)
WinPcap is the Windows version of the libpcap library; it includes a driver to support capturing packets. WinPcap consists implementations of a lower-level library for the listed operating systems, to...
WinPcap is the Windows version of the libpcap library; it includes a driver to support capturing packets. WinPcap consists implementations of a lower-level library for the listed operating systems, to...
MyFree Codec contains files which are necessary to play various media files from your device to Samsung Kies. It is automatically installed when upgrading or installing Samsung Kies. KIES utilizes the...
Apache OpenOffice (AOO) is an open-source office productivity software suite containing word processor, spreadsheet, presentation, graphics, formula editor, and database management applications. OpenO...
“Spotnet Launcher is a handy tool that allows you to see if you still get the latest version at a glance Spotnet used, or that there is now a newer version is available. It is much safer than relying o...”
“Windows-based powerline configuration utility. Optional management utility compatible with Windows 7 (32/64-bit), Vista (32/64-bit), and XP (32/64-bit) operating systems. Auto QoS support through tra...”
Behaviors
(Note, the behaviors below are for all versions of rpcapd.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'rpcapd' (Remote Packet Capture Protocol v.0 (experimental))
- 'rpcapd'
All file variations of rpcapd.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
30.91% |
|
| Windows 7 Home Premium |
25.45% |
|
| Microsoft Windows XP |
21.82% |
|
| Windows Vista Home Premium |
7.27% |
|
| Windows 7 Professional |
7.27% |
|
| Windows 8 Pro with Media Center |
1.82% |
|
| Windows Seven Black Edition |
1.82% |
|
| Windows 8 Pro |
1.82% |
|
| Windows 8 |
1.82% |
|
Distribution by country
United States installs about 25.00% of WinPcap.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
34.62% |
|
| ASUS |
15.38% |
|
| Dell |
15.38% |
|
| Sony |
7.69% |
|
| Toshiba |
7.69% |
|
| Lenovo |
7.69% |
|
| Acer |
7.69% |
|
| Samsung |
3.85% |
|
