Ask Your Question
0

Uninstall/Reinstall 'corrupts' windows 7 network stack

asked 2020-05-12 12:43:25 +0000

Hi,

Not really a question more of a warning (and maybe something devs can look into).

A few weeks ago on my work windows 7 PC i ran into https://ask.wireshark.org/question/64... So I uninstalled whatever version of wireshark I had, and reinstalled the latest version without usbcap and everything worked fine. I did not do a reboot during the whole process or afterwards, till 2 weeks ago and all of a sudden after rebooting my work pc for another reason I did not have network access anymore. (Which led to me trying all kinds of things including windows repair which completely corrupted the startup process so windows would not even boot anymore and me ordering a new pc since the old one was 10 years old. I did think of wireshark at the time.)

Fast forward to day before yesterday and I am running into the the external capture plugin issue on my windows 7 home PC. No worries I know what to do I and uninstall/reinstall of latest version without usbcap and everything works as expected. I start my home pc yesterday morning and while I still have internet for some reason I cannot connect to the work network anymore using OpenVPN. Checking the routing tables and everything seems fine, but packets are just not following the rules of the routing table (packets that should go the the 172.20.xxx work range end up on the normal interface ). I spend a few hours trying all kinds of things, uninstalling wireshark and openvpn and the network adapters etc without result. Then i uninstalled everything and followed the steps on https://superuser.com/questions/30995..., reinstalled openvpn and now it works again.

It could all be a coincidence of course but it get the feeling wireshark uninstall/reinstall is doing something fishy.

Hope it helps someone.

Bram

edit retag flag offensive close merge delete

Comments

If you have problems with extcap interfaces, try either not installing them, or deleting them from the Wireshark installation extcap directory.

If you have other network issues after installing Wireshark it's likely to be npcap, support for that can be found over at the npcap site.

grahamb gravatar imagegrahamb ( 2020-05-12 12:58:13 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-05-12 18:51:04 +0000

Guy Harris gravatar image

updated 2020-05-20 20:54:35 +0000

It could all be a coincidence of course but it get the feeling wireshark uninstall/reinstall is doing something fishy.

What Wireshark uninstall/reiinstall is doing is "uninstalling/reinstalling WinPcap or Npcap". In order to make it possible for Wireshark to capture network traffic, they have to install either WinPcap or Npcap, which has to install a kernel-mode driver into the networking stack so that it can see network packets as they're received or sent.

This will, of course, affect the networking stack. WinPcap is no longer actively being developed, but Npcap is, and problems have been reported with networking when it's installed, including problems with VPNs. See the Npcap issues list.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2020-05-12 12:43:25 +0000

Seen: 39 times

Last updated: May 20