1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

What is Winpcap please?

Discussion in 'Virus & Other Malware Removal' started by Inquitus, Aug 23, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. Inquitus

    Inquitus Thread Starter

    Joined:
    Aug 4, 2005
    Messages:
    86
    Anyone tell me what Winpcap is, what it is used for and why it should be on my PC.

    Tnx,

    Inqui
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
  3. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    It's a packet capture driver. You'll need it for quite a few different network monitoring and analysis apps.
     
  4. Inquitus

    Inquitus Thread Starter

    Joined:
    Aug 4, 2005
    Messages:
    86
    can it be used by my employer to monitor my internet usage levels?
     
  5. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    It can be used to "capture" packets on the network and analyze their contents and volume, yes.
     
  6. Inquitus

    Inquitus Thread Starter

    Joined:
    Aug 4, 2005
    Messages:
    86
    When I go into services.msc it is set to manual and not running. Does that mean it inactive?
     
  7. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    I have it installed and don't have it in Services. What service are you referring to?

    In any case, it doesn't need to be running on your machine. Depending on what software is using it, packets from your machine can be monitored from another machine on the network.
     
  8. Inquitus

    Inquitus Thread Starter

    Joined:
    Aug 4, 2005
    Messages:
    86
    Can I just kill it with Hijack this?

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Yes and

    in msc

    Rightclick and choose "Properties". On the "General" tab under "Service Status" click the "Stop" button to stop the service. Beside "Startup Type" in the dropdown menu select "Disabled". Click Apply then OK. File-Exit the Services utility.
     
  10. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    In fact, I do have it in services under the same name that you do (not running), but as I mentioned, it need not be running on your machine---packets can be captured by others on the network that you are connected to. All packets going to and from your machine can be monitored by someone with the right software.

    But if you are attempting to circumvent some sort of surveillance system used by your employer, especially if this is on a machine belonging to your employer, we are not able to help you any further. Suffice it to say that if an employer has implemented a monitoring system, there is no doubt a method of checking that it is working or has not been circumvented. Be careful that you don't get yourself in even more trouble by disabling company property.
     
  11. Inquitus

    Inquitus Thread Starter

    Joined:
    Aug 4, 2005
    Messages:
    86
    It's ok, I am more wondering what that service was than trying to circumvent it. Anyway I don't live in the US and therefore the information contained on my computer and electronic records pertaining to that are NOT company property. The privacy laws in this country are reasonably strong.

    Thanks for all those who provided an explanation,

    Inqui
     
  12. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    If you are connected to a network and traffic flows from your machine, someone is able to monitor that traffic. There isn't a whole lot you can do about that short of encryption or disconnection.
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/392824