Ask Your Question
0

The capture session could not be initiated on interface '\Device\NPF_Loopback' (Error opening adapter: Er is een niet-bestaand apparaat opgegeven. (433)).

asked 2019-10-21 20:21:29 +0000

Marcel92 gravatar image

updated 2019-10-27 09:41:36 +0000

grahamb gravatar image

after installing wireshark i cant seem to capture because the npcap driver isnt running.

i have tried to start it manually with: net start npcap but i get systemerror 2 the system cannot find the file specified

when i look in C:\Windows\System32\drivers the driver is there.

i've been unable to find a working fix for it so i hope anyone here could help me out.

edit retag flag offensive close merge delete

Comments

  1. It helps if you include the information from "Help->About Wireshark" or "wireshark -v".

  2. The latest version of npcap is Npcap 0.9983 [2019-08-30].
    You might uninstall then reinstall to make sure its a clean install.
    Download here: https://nmap.org/npcap/

  3. The npcap Diagnostic Report and install logs might have useful info.
    https://nmap.org/npcap/guide/npcap-us...

bubbasnmp gravatar imagebubbasnmp ( 2019-10-22 03:59:42 +0000 )edit

The npcap installation also has a batch file that attempts to correct service registration and startup, FixInstall.bat that should be run from an elevated prompt, but before running that can you show the output of the npcap service status and configuration with sc queryex npcap followed by sc qc npcap

grahamb gravatar imagegrahamb ( 2019-10-22 10:13:21 +0000 )edit

Requested output:

C:\Windows\system32>sc queryex npcap

SERVICE_NAME: npcap
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 1  STOPPED
        WIN32_EXIT_CODE    : 31  (0x1f)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 0
        FLAGS              :

C:\Windows\system32>sc qc npcap
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: npcap
        TYPE               : 1  KERNEL_DRIVER
        START_TYPE         : 1   SYSTEM_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : \SystemRoot\system32\DRIVERS\npcap.sys
        LOAD_ORDER_GROUP   : NDIS
        TAG                : 21
        DISPLAY_NAME       : Npcap Packet Driver (NPCAP)
        DEPENDENCIES       :
        SERVICE_START_NAME :
Marcel92 gravatar imageMarcel92 ( 2019-10-22 10:18:15 +0000 )edit

I don't think this is contributing to your issues, but it seems that you've installed npcap in "Winpcap compatible" mode:

HKLM:\SYSTEM\CurrentControlSet\Services\npcap\Parameters:

NdisImPlatformBindingOptions : 0
DefaultFilterSettings        : 1
LoopbackSupport              : 1
DltNull                      : 1
AdminOnly                    : 0
Dot11Support                 : 0
VlanSupport                  : 0
WinPcapCompatible            : 1

Unless you explicitly need that for another application that can only use WinPcap, Wireshark doesn't, you might want to reinstall npcap and uncheck that box on the installer.

grahamb gravatar imagegrahamb ( 2019-10-22 11:09:31 +0000 )edit

i've tried that aswell but it doesn't make any difference, i keep getting the same error.

Marcel92 gravatar imageMarcel92 ( 2019-10-22 11:14:15 +0000 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2019-10-22 19:23:29 +0000

Guy Harris gravatar image

when i remove npcap and reinstall everything works like its supposed too. but as soon as i restart the pc the npcap drivers dont start at all.

This sounds like an npcap issue.

It looks as if somebody reported a similar issue (complete with Dutch error messages) on the nmap issue list as issue #1793. If that's not your report, you might want to add to it.

edit flag offensive delete link more
0

answered 2019-10-22 10:05:57 +0000

Marcel92 gravatar image

updated 2019-10-22 10:50:46 +0000

grahamb gravatar image

when i remove npcap and reinstall everything works like its supposed too. but as soon as i restart the pc the npcap drivers dont start at all.

1. about wireshark

Version 3.0.5 (v3.0.5-0-g752a55954770) 

Copyright 1998-2019 Gerald Combs <[email protected]> and contributors. License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 

Compiled (64-bit) with Qt 5.12.5, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.39.2, with LZ4, with Snappy, with libxml2 2.9.9, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729. 

Running on 64-bit Windows 10 (1903), build 18362, with AMD Ryzen 5 1600X Six-Core Processor (with SSE4.2), with 16329 MB of physical memory, with locale Dutch_Netherlands.1252, with Npcap version 0.9983, based on libpcap version 1.9.1-PRE-GIT, with GnuTLS 3.6.3, with Gcrypt 1.8.3, without AirPcap, binary plugins supported (14 loaded). Built using Microsoft Visual Studio 2017 (VC++ 14.16, build 27034). 

Wireshark is Open Source Software released under the GNU General Public License.

2. my pc crashed before so i installed it on a fresh windows 10

3. Diagnostic Report

*************************************************
DiagReport for Npcap ( http://npcap.org )
*************************************************
Script Architecture:        64-bit
Script Path:            C:\Program Files\Npcap\DiagReport.ps1
Current Time:           10/22/2019 11:56:37
Npcap install path:     C:\Program Files\Npcap
Npcap Version:          0.9983
PowerShell Version:     5.1.18362.145

*************************************************
OS Info:
*************************************************

Caption                 : Microsoft Windows 10 Pro
BuildNumber             : 18362
Locale                  : 0413
MUILanguages            : {nl-NL}
OSArchitecture          : 64 bits
ServicePackMajorVersion : 0
ServicePackMinorVersion : 0
SystemDirectory         : C:\Windows\system32
Version                 : 10.0.18362

*************************************************
CPU Info:
*************************************************

Name                      : AMD Ryzen 5 1600X Six-Core Processor           
Manufacturer              : AuthenticAMD
DeviceID                  : CPU0
NumberOfCores             : 6
NumberOfEnabledCore       : 6
NumberOfLogicalProcessors : 12
Addresswidth              : 64

*************************************************
Memory Info:
*************************************************
Size:               16330 MB (17122836480 Bytes)

*************************************************
Network Adapter(s) Info:
*************************************************

Name                      InterfaceDescription                    ifIndex Status       MacAddress             LinkSpeed
----                      --------------------                    ------- ------       ----------             ---------
Ethernet                  Intel(R) I211 Gigabit Network Connec...       4 Up           30-9C-23-7D-90-1C         1 Gbps

Caption         : [00000001] Intel(R) I211 Gigabit Network Connection
GUID            : {2C87C98D-F124-47E2-8ADD-7D0E2E09B24E}
Index           : 1
InterfaceIndex  : 4
Manufacturer    : Intel Corporation
NetConnectionID : Ethernet
PNPDeviceID     : PCI\VEN_8086&DEV_1539&SUBSYS_7B001462&REV_03\309C23FFFF7D901C00

*************************************************
NDIS Light-Weight Filter (LWF) Info:
*************************************************

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics  : 262144
ComponentId      : ms_bridge
Description      : @%SystemRoot%\system32\bridgeres.dll,-2
InfPath          : netbrdg.inf
InfSection       : Install
LocDescription   : @%SystemRoot%\system32\bridgeres.dll,-2
                   6e974-e325-11ce-bfc1-08002be10318}\{171C5016-3D19-4CB2-9556-63E586EE5010}
                   6e974-e325-11ce-bfc1-08002be10318}

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics  : 262184
ComponentId      : ms_wfplwf_lower
Description      : @%windir%\System32\drivers\wfplwfs.sys,-6006
InfPath          : wfplwfs.inf
InfSection       : WfpLwf_Lower_Install
LocDescription   : @%windir%\System32\drivers\wfplwfs.sys,-6006
                   6e974-e325-11ce-bfc1-08002be10318}\{3BFD7820-D65C-4C1B-9FEA-983A019639EA}
                   6e974-e325-11ce-bfc1-08002be10318}

InstallTimeStamp : {221, 7, 12, 0...}
Characteristics  : 40
ComponentId      : ms_netbios
Description      : @%windir%\system32\drivers\netbios.sys,-501
InfPath          : netnb.inf
InfSection       : NetBIOS.ndi
LocDescription   : @%windir ...
(more)
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-10-21 20:21:29 +0000

Seen: 153 times

Last updated: Oct 22