Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Npcap crash - BSOD - 0.9988 #1964

Closed
daulis opened this issue Mar 12, 2020 · 2 comments
Closed

Npcap crash - BSOD - 0.9988 #1964

daulis opened this issue Mar 12, 2020 · 2 comments

Comments

@daulis
Copy link

@daulis daulis commented Mar 12, 2020
edited

Here are the steps that I did. (I don't know if it's reproducible because I can't install/uninstall Npcap):

  1. Npcap 0.9987 (oem) was installed.
  2. Uninstalled Npcap 0.9987
  3. Installed WinPcap_4_1_3.exe (I was having performance issues during high-rate captures, and wanted to see if this was Npcap-specific)
  4. Did some capturing...
  5. Uninstalled WinPcap
  6. Installed Npcap 0.9988 (oem). I unchecked "WinPcap API-compatible mode" because that's the Wireshark default
  7. BSOD

There are 2 main issues:

  1. The BSOD/Crash
  2. My system is now stuck in a state that I can't capture, can't re-install Npcap, and can't uninstall Npcap.

OS: Windows 7 Enterprise

Information from the Windows dialogue box that popped up after I recovered:

Problem signature:
  Problem Event Name:	BlueScreen
  OS Version:	6.1.7601.2.1.0.256.4
  Locale ID:	1033

Additional information about the problem:
  BCCode:	d1
  BCP1:	0000000000000008
  BCP2:	0000000000000002
  BCP3:	0000000000000000
  BCP4:	FFFFF880246EAB71
  OS Version:	6_1_7601
  Service Pack:	1_0
  Product:	256_1

Files that help describe the problem:
  C:\Windows\Minidump\031120-29811-01.dmp
  C:\Users\daulis\AppData\Local\Temp\WER-59389-0.sysdata.xml

Read our privacy statement online:
  http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
  C:\WINDOWS\system32\en-US\erofflps.txt

After the laptop rebooted:

  1. I tried capturing, but Npcap didn't complete installation, so there are no capture interfaces
  2. When trying to run the installer again, I get the following dialogue
    image
  3. When I try uninstalling Npcap, I get the following dialogue:
    image
  4. At this point, I can't capture, and I don't have a way to recover

I emailed the 2x references files above (031120-29811-01.dmp, WER-59389-0.sysdata.xml) to Dan and Npcap support.
@dmiller-nmap
Copy link

@dmiller-nmap dmiller-nmap commented Mar 12, 2020

I've received the files you sent, and I think I have a fix for the BSoD crash, which I will tag to this issue.

The other 2 errors preventing reinstall/uninstall are generated by NSIS when it can't write to the temporary files directory, usually %TEMP%. Verify that the temp directory exists and is writable, and delete any folders in that directory named like ns*.tmp.

@dmiller-nmap dmiller-nmap mentioned this issue Mar 18, 2020
Closed
@dmiller-nmap dmiller-nmap mentioned this issue Mar 19, 2020
Closed
@daulis
Copy link
Author

@daulis daulis commented Mar 22, 2020

@dmiller-nmap Thanks for the quick response on the crash!

Do you have any other suggestions for the NSIS issue?

  1. I've confirmed that the permissions for %TEMP% are fully writeable for my account. I can actually see a nsxxx.tmp file created when I launch the installer, but, I still get the "Can't initialize plug-ins..." error when launching.
  2. I've also confirmed that it's a generic problem for any NSIS installer, and just not npcap. The issue also affects Wireshark installers. It looks like the system is in a state where I can't uninstall/install anything that happens to use a NSIS installer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@daulis @dmiller-nmap