Quote: Originally Posted by rshewmaker
My WinPcap folder was created when I downloaded one of the following: IE add-ons Video Capture, Freemake's Video Downloader or some similar type download. I ditched Realplayer and was looking for a 'right-click to download' video app.
It's from one of the Freemake Video software downloads, I downloaded and installed Freemake Video downloader and WinPcap appeared on my system, it is safe to uninstall, actually you SHOULD
uninstall it, you'll see why below.
When you download Freemake products you are essentially just downloading the downloader, after you double click the file and go through the process of denying all the garbage that it comes with and setting a install destination folder, Freemake then downloads the installer from the web and automatically installs the product, in the process it sneaks WinPcap onto your system. Basically what WinPcap is, is a network sniffer, read below from Yahoo Answers ...... "WinPcap is software that allows your network interface card to (NIC) operate in "promiscuous" mode. Normally if a NIC sees traffic addressed to another NIC on the network, it ignores it. If you are running a network sniffer application, you may have a need to capture that traffic for inspection. Putting a NIC in promiscuous mode allows your NIC to capture traffic addressed to another machine and pass it to the sniffer application.
Normally you should not find WinPcap on your machine unless you also have a network sniffer such as WireShark also installed. If the machine was previously used by a network administrator or a network engineer they may have simply forgot to uninstall it when they uninstalled the sniffer app.
It is also possible that it is there for some nefarious purpose. It's conceivable that your machine may have been hijacked in order to sniff other network traffic on your network and report that to an outside attacker. This would be an advanced case of cracking and while I've never seen it personally, it's conceivable -- and rather scary.
Unless you are also running a network sniffer application or other network analysis tools, you have no need for WinPcap. Remove it from your machine if you can. It should be listed in the Add & Remove Programs listing. If it isn't, you can just delete the parent folder (unless it's residing in a system folder!) or delete the executable itself. It's a Unix port application and does not normally weave itself into the Windows OS very deeply."
After uninstalling the program you may want to run a malware scan and hijackthhis just to make sure everything is on the up and up.