This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Dumpcap not quit and not to uninstall

0

Hello,

I am facing this issue: Dumpcap might not quit if Wireshark or TShark crashes (Bug 1419). Is there any workaround? I cannot use Wireshark on my W8 64-bit laptop.

After I restart the laptop, Wireshark hangs during start at "loading configuration files" and that's it. I need to uninstall Wireshark, but this is denied because Dumpcap is still running, and dumpcap cannot be ended with "Task Cancel" in Task Manager... it's a kind of deadlock situation. Please support :-) Thank you and best regards, Michael

asked 09 Jan '15, 00:24

haylebob

I had this same error. After reading the previous messages, I attempted to delete the folder Wireshark, which was unsuccessful. I was able to "cut" the folder and paste it somewhere else as the administrator. After the program successfully opened, it now says the NPF driver isn't working. It also suggested I install the update from Wireshark 1.12.1 to Wireshark 1.12.3. While doing the uninstall and re-installing the updated software, it had an error installing WinPcap. I pushed the "abort" button, but the rest of Wireshark continued to install. I have Windows 8.1 64-bit OS. This may not help, but I have homework to do so am going to see if this works anyways.

~ Skip that... the program works, but now you can't do any captures and it won't let me refresh the interfaces. :(

(11 Jan '15, 14:46) Stormy Skies

That sounds like you need to reinstall WinPCap. You can download a standalone installer from their website.

(12 Jan '15, 02:22) grahamb ♦

One Answer:

0

A few other folks have run into this situation, without it really being resolved. I suspect (from previous investigations) the issue is actually in WinPCap.

Random guess, do you have any other networking tools installed on the machine that might have installed their own version of WinPCap?

answered 09 Jan '15, 02:04

grahamb ♦

No, from my side only Wireshark is installed here using WinPCap.

(09 Jan '15, 02:41) haylebob

Hi,

as indicated by Graham it seems to be a known issue between WinPcap and Windows 8/8.1 faced by some users. See those threads for more information and possible workarounds (that worked for some guys):

https://ask.wireshark.org/questions/26517/winpcap-seems-to-crash-on-win81

https://ask.wireshark.org/questions/27855/cant-uninstall-wireshark-on-win8-64bit

There are other questions treating this subject that can be found with a search.

(09 Jan '15, 02:46) Pascal Quantin

The same happens on Windows Server 2012 R2 (see https://ask.wireshark.org/questions/36441/server-2012-r2-wireshark-crashes) without WinPcap installed. IMHO this is a Wireshark issue.

(09 Jan '15, 04:00) Uli

@Uli,

As I commented on that question, no-one in the core team is able to replicate the issue on the machines we have access to (both 8\8.1 and server 2k12 R2).

The only way forward is to debug the issue via either local debugging on affected machines (needs sources and lots of knowledge) or remote debugging using crash dumps from affected machines which no-one seems to be prepared to make available.

One person with the issue did make crash dumps available (on 8 or 8.1) and the dumpcap process was stuck in a call to WinPCap which is a different project.

(09 Jan '15, 04:35) grahamb ♦

Hi all,

Thank you very much for the help :-) This thread from Ling regarding changing the Reg-Key https://ask.wireshark.org/questions/26517/winpcap-seems-to-crash-on-win81 but I'm still testing... ;-)

In the registry, change HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NPF\Start to 0x3 (SERVICE_DEMAND_START)
Run your program (i.e., wireshark, gns3, ...) as Administrator! (Run as Administrator) (You can also change it to always run as administrator!)

Seems to help me; I'll give feedback here soon.

best regards Michael

(10 Jan '15, 23:32) haylebob

I'd missed that answer, so I've added a comment to it which I'll repeat here:

Although this may fix your issues, running Wireshark with elevated privileges is not recommended. There are millions of lines of unaudited code in Wireshark and a great deal of work has been undertaken to allow Wireshark to run without elevating privs.

(11 Jan '15, 03:55) grahamb ♦
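
A read-only way to inspect the state discussed in this thread before changing anything: the NPF driver's start type, any dumpcap process left without a live Wireshark/TShark parent, and whether the current session is elevated. This is an added example, not code from any participant or from the Wireshark or WinPcap projects; it assumes PowerShell 3 or later and the process names `dumpcap.exe`, `Wireshark.exe` and `tshark.exe`.

```powershell
# Added example (not from the thread). Read-only: it changes nothing.

# Meaning of the Start value under a Services registry key.
$startNames = @{ 0 = 'BOOT_START'; 1 = 'SYSTEM_START'; 2 = 'AUTO_START'
                 3 = 'DEMAND_START'; 4 = 'DISABLED' }

# 1. NPF start type: the value the workaround quoted above sets to 0x3.
$npfKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NPF'
if (Test-Path $npfKey) {
    $start = (Get-ItemProperty -Path $npfKey -Name Start).Start
    "NPF Start = $start ($($startNames[[int]$start]))"
} else {
    'NPF service key not found: the WinPcap driver is not installed.'
}

# 2. Driver state as the service control manager reports it.
Get-CimInstance Win32_SystemDriver -Filter "Name='NPF'" |
    Select-Object Name, State, StartMode

# 3. dumpcap processes whose parent is not a running Wireshark/TShark.
$procs = Get-CimInstance Win32_Process
$byPid = @{}
foreach ($p in $procs) { $byPid[[int]$p.ProcessId] = $p }
foreach ($d in $procs | Where-Object { $_.Name -eq 'dumpcap.exe' }) {
    $parent = $byPid[[int]$d.ParentProcessId]
    # A reused PID can make a dead parent look alive, so check the name too.
    $alive = $parent -and $parent.Name -match '^(wireshark|tshark)'
    if (-not $alive) { "dumpcap without live parent: PID $($d.ProcessId)" }
}

# 4. Elevation of this session (relevant to the caveat about running
#    Wireshark with elevated privileges).
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$elevated = ([Security.Principal.WindowsPrincipal]$id).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)
"Session elevated: $elevated"
```

A dumpcap started by hand from a console is also reported in step 3, since its parent is not Wireshark or TShark.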