Ask Your Question
0

Wireshark 2.5.2 Win64 Hangs During Startup

asked 2018-04-02 21:31:40 +0000

dbAtAffirmed gravatar image

I upgraded my Win64 Wireshark installation to one of the automated builds, 2.5.2, and it hangs now during startup. It will eventually come up but it hangs for 30-to-40 seconds on, "Finding local interfaces' portion of the splash screen.

Can anyone articulate what Wireshark is trying to do there and why it's taking so long? I only have three interfaces defined on the system (Wired, Wireless & one for a VPN adapter that isn't running at the moment).

If I uninstall the 2.5.2 build and go back down to 2.0.16 it works fine. If I go back up to 2.5.2 it hangs again.

Thanks...

Version 2.5.2-171-g9dde6d4b (v2.5.2rc0-171-g9dde6d4b) 

Copyright 1998-2018 Gerald Combs <[email protected]> and contributors. License GPLv2+: GNU GPL version 2 or later <http: www.gnu.org="" licenses="" old-licenses="" gpl-2.0.html=""> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 

Compiled (64-bit) with Qt 5.9.4, with WinPcap (4_1_3), with GLib 2.42.0, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729. 

Running on 64-bit Windows 10, build 16299, with Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz (with SSE4.2), with 7888 MB of physical memory, with locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap, binary plugins supported (14 loaded). Built using Microsoft Visual C++ 14.12 build 25835 

Wireshark is Open Source Software released under the GNU General Public License. 

Check the man page and http://www.wireshark.org for more information. 
edit retag flag offensive close merge delete

Comments

The 32 bit install hangs for me on the usb install

BrucePollard gravatar imageBrucePollard ( 2018-04-04 21:04:05 +0000 )edit

Wireshark tries to read information from the interfaces at startup. Possibly your VPN interface causes it to wait for some timeout causing the long delay. If you activate logging it might be possible to see if this is true. As some work has been done in this area it would be good if you used a recent automated build to test.

Anders gravatar imageAnders ( 2018-04-05 08:01:14 +0000 )edit

I have Wireshark 2.6.2 64-bit installed on my Windows 10, and it is giving the same problem. It was working fine for several days. Today, when I tried to open a pcap file, it started giving the message "Finding local interfaces" and hangs. I could not get it to open at all.

armling gravatar imagearmling ( 2018-08-24 20:29:10 +0000 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2018-04-05 04:53:55 +0000

Jaap gravatar image

The odd numbered versions are development snapshots, so YMMV. But you're in luck, a new maintenance release of 2.4 (stable) was put out, and a new stable series, 2.6, is just around the corner. You could try out the release candidate of this series.

edit flag offensive delete link more

Comments

OK, so this is strange.... I upgraded to Wireshark-win64-2.6.0rc0-6-gb8ad0997 on Jaap's suggestion and now it's working!

I figured I'd grab some logs anyway as this would be interesting (Ander's suggestion) but while I can set the option (Edit --> Preferences --> Advanced) to open the console 'ALWAYS' the log level is grayed out. Am I doing something wrong or do the RC builds not permit verbose logging? I'd paste a screenshot but I lack points so I'll just tell you that the console.log.level has Status=unknown, Type=Log level and Value=28. I wanted to update it from 28 --> 252 based on what I saw here (https://wiki.wireshark.org/Developmen...). I even tried running from a bat file with a:

-oconsole.log.level:252 

option but nothing popped up.

Anyway, for now the RC build is working so ...(more)

dbAtAffirmed gravatar imagedbAtAffirmed ( 2018-04-05 13:43:24 +0000 )edit

I see the same problem in wireshark 2.6.2 64-bit on my windows 10. I have now moved back to 2.0.16.

armling gravatar imagearmling ( 2018-08-26 03:10:39 +0000 )edit
0

answered 2018-08-16 16:43:08 +0000

I've been having this issue too for about a year and updating to newer versions did not fix the issue. I did find if I opened Wireshark again after it hung on the first try the second attempt would load fine. I found this response on the old forum and it solved this issue for me. After following these steps I was finally able to load the new Wireshark version without issues.

"This is generally a symptom of an issue in WinPcap, the mechanism used to capture traffic on Windows. Wireshark uses WinPcap at startup to query the list of interfaces that can be used for captures.

The actual issue has never been resolved, but uninstalling Wireshark, uninstalling WinPcap, if it remains, ensuring that there is no copy of npf.sys in %WINDIR%\system32\drivers\, reboot, and then reinstalling Wireshark (installing WinPcap when offered) usually does the trick. Make sure you run the installer as Administrator, it should do this automatically, but if you don't get asked for permissions, cancel, then right-click the installer and select "Run as Administrator".

I found this response on the forum by @grahamb on https://osqa-ask.wireshark.org/questi...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-04-02 21:31:40 +0000

Seen: 6,129 times

Last updated: Aug 24 '18