[npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition"

[zdm]

Hi.
Today windows 10 was updated and wireshark don't see network adapters any more.
I am tried to reinstall npcap and wireshark - this wasn't helpful.
Npcap installed in winpcap compat. mode and wireshark detected npcap during install process.

[zdm]

Winpcap works.
Npcap - not.

[hsluoyz]

Hi @zdm ,

Is your OS x86 or x64? Which Npcap version and Wireshark version did you use? Which Npcap installation options did you choose? Thanks.

I have tested latest Npcap 0.08 r3 (with WinPcap Compat Mode) and latest Wireshark Development Release (2.1.1) on my Win10 x64 Anniversary version without any issues.

Please don't use Wireshark Stable Release because it can't recognize the new version Npcap when installed in non-WinPcap Compat Mode (which is by default).

[zdm]

Windows 10 x64

Wireshark 2.0.5 x 64

I tried following npcap versions:
0.08-r2
0.08
0.07-r17

On 08.08.2016 03:42, Yang Luo wrote:

Hi @zdm https://github.com/zdm ,

Is your OS x86 or x64? Which Npcap version and Wireshark version did
you use? Thanks.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/nmap/nmap/issues/492#issuecomment-238119783, or
mute the thread
https://github.com/notifications/unsubscribe-auth/AA-mSPLEBGTtgI64dafMqjuEtOfrt_7sks5qdnt3gaJpZM4JekI0.

[hsluoyz]

I tried your environment and didn't encounter that issue. What error message did you actually see?

[zdm]

Wireshark doesn't show any errors, just shows no adapters.

On 08.08.2016 08:10, Yang Luo wrote:

I tried your environment and didn't encounter that issue. What error
message did you actually see?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/nmap/nmap/issues/492#issuecomment-238143145, or
mute the thread
https://github.com/notifications/unsubscribe-auth/AA-mSKXeekOXzqlfxLlmsNTGN7LmW13Fks5qdrozgaJpZM4JekI0.

[hsluoyz]

1. Install Npcap with default options.
2. Reboot after intall.
3. try nmap --iflis and paste the output here.

[zdm]

I have removed winpcap and installed npcap-v0.08-r2 with default options.

In not elevated cmd nmap return nothing:

But in elevated I got error:

[hsluoyz]

Oh, I forgot to say.

Please install Nmap's dev version: https://nmap.org/dist/nmap-7.25BETA1-setup.exe

And please install latest Npcap 0.08 r3.

[zdm]

With nmap-7.25-beta1 results are the same.

On 08.08.2016 08:41, Yang Luo wrote:

Oh, I forgot to see. Please install Nmap's dev version:
https://nmap.org/dist/nmap-7.25BETA1-setup.exe

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/nmap/nmap/issues/492#issuecomment-238146254, or
mute the thread
https://github.com/notifications/unsubscribe-auth/AA-mSM5dyTxbmUKly16L0gYzKfaVlElHks5qdsGYgaJpZM4JekI0.

[hsluoyz]

1. See if the C:\Windows\System32\Npcap folder contains these two files: wpcap.dll, Packet.dll
2. In Administrator CMD, enter sc query npcap and paste the result here.

[zdm]

1. Files are present;
2. Service is stopped

SERVICE_NAME: npcap
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 1  STOPPED
        WIN32_EXIT_CODE    : 31  (0x1f)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

[hsluoyz]

In Administrator CMD, enter net start npcap and paste the result here.

[zdm]

Problem with signature

d:\downloads\111>net start npcap
System error 577 has occurred.

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

[hsluoyz]

1. Unzip the attached signtool.zip, put signtool.exe to somewhere your CMD can find (e.g. . C:\Program Files\Npcap)
2. In CMD, cd into the C:\Program Files\Npcap path, enter signtool verify /kp /c npcap.cat npcap.sys and paste the result here.

signtool.zip