Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

4.1.0.2001 89.09%
4.1.0.1753 10.91%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
StartServiceCtrlDispatcherA, SetServiceStatus, LogonUserA, ImpersonateLoggedOnUser, RegisterServiceCtrlHandlerA
kernel32.dll
GetConsoleOutputCP, WriteConsoleA, HeapSize, FlushFileBuffers, SetStdHandle, CreateFileA, ReadFile, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringW, MultiByteToWideChar, LCMapStringA, GetConsoleMode, GetConsoleCP, SetFilePointer, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, WideCharToMultiByte, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, InitializeCriticalSection, WriteConsoleW, RtlUnwind, GetStartupInfoA, GetFileType, SetHandleCount, GetModuleFileNameA, GetStdHandle, WriteFile, HeapReAlloc, VirtualAlloc, DeleteCriticalSection, VirtualFree, HeapCreate, HeapDestroy, GetCurrentThreadId, SetLastError, TlsFree, GetSystemDirectoryA, FormatMessageA, GetLastError, FreeLibrary, GetProcAddress, CloseHandle, Sleep, LoadLibraryA, TlsSetValue, TlsAlloc, SetEndOfFile, SetConsoleCtrlHandler, HeapFree, HeapAlloc, GetModuleHandleA, ExitProcess, EnterCriticalSection, LeaveCriticalSection, GetCommandLineA, GetVersionExA, GetProcessHeap, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue
packet.dll
PacketSetMinToCopy, PacketSetLoopbackBehavior
pthreadvc.dll
pthread_attr_init, pthread_attr_setdetachstate, pthread_exit, pthread_cancel, pthread_attr_destroy, pthread_setcancelstate, pthread_setcanceltype, pthread_create
user32.dll
MessageBoxA
wpcap.dll
install_bpf_program, pcap_compile, pcap_open_offline, pcap_create, pcap_open_live, bpf_validate, pcap_findalldevs, pcap_strerror, pcap_freealldevs, pcap_geterr, pcap_close, pcap_setfilter, pcap_stats, pcap_next_ex

rpcapd.exe

WinPcap by CACE Technologies (Signed)

Remove rpcapd.exe
Version:   4.1.0.1753
MD5:   a780d3eaa74582ea1deb6bd9c7a3d9c9
SHA1:   5fe3571aaf05b356ccf74bfc8fc08836ce101c98
SHA256:   9f66c47d49aaddc946c20945685c1b8bdfaf011d9cd840ac9f3130b5ba09946c

What is rpcapd.exe?

WinPcap allows applications to capture and transmit network packets and consists of a driver, that extends the operating system to provide low-level network access, and a library that is used to easily access the low-level network layers. WinPcap comes with Remote Capture capabilities.This requires a remote daemon (called rpcapd) which performs the capture and sends data back and a local client that sends the appropriate commands and receives the captured data.

About rpcapd.exe (from CACE Technologies)

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additi

DetailsDetails

File name:rpcapd.exe
Publisher:CACE Technologies, Inc.
Product name:WinPcap
Description:Remote Packet Capture Daemon
Typical file path:C:\Program Files\winpcap\rpcapd.exe
File version:4.1.0.1753
Size:114.52 KB (117,264 bytes)
Certificate
Issued to:CACE Technologies
Authority (CA):VeriSign
Effective date:Tuesday, May 6, 2008
Expiration date:Saturday, May 7, 2011
Digital DNA
Entropy:6.238866
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
WinPcap
 CACE Technologies
3% remove
WinPcap is the Windows version of the libpcap library; it includes a driver to support capturing packets. WinPcap consists implementations of a lower-level library for the listed operating systems, to communicate with those drivers; a port of libpcap that uses the API offered by the low-level library implementations. It uses NDIS to read packets directly from a network adapter.
OpenOffice.org
 OpenOffice.org
12% remove
Apache OpenOffice (AOO) is an open-source office productivity software suite containing word processor, spreadsheet, presentation, graphics, formula editor, and database management applications. OpenOffice's default file format is the OpenDocument Format (ODF), an ISO/IEC standard. It can also handle other file formats including those from Microsoft Office. OpenOffice runs on several operating systems. Although originally written in C++...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'rpcapd' (Remote Packet Capture Protocol v.0 (experimental))
  • 'rpcapd'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 30.91%
Windows 7 Home Premium 25.45%
Microsoft Windows XP 21.82%
Windows Vista Home Premium 7.27%
Windows 7 Professional 7.27%
Windows 8 Pro with Media Center 1.82%
Windows Seven Black Edition 1.82%
Windows 8 Pro 1.82%
Windows 8 1.82%

Distribution by countryDistribution by country

United States installs about 25.00% of WinPcap.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 34.62%
ASUS 15.38%
Dell 15.38%
Sony 7.69%
Toshiba 7.69%
Lenovo 7.69%
Acer 7.69%
Samsung 3.85%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE