Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

npcap caused BSOD!

From: "Mike ." <dmciscobgp () hotmail com>
Date: Sat, 23 Mar 2019 17:38:48 +0000
hello all

um...3rd time was NOT a charm with newest npcap! blue screened me hard! a little upset but even more confused than 
anything. so the install log pointed to all being ok. but here is where the weirdness begins (and i KNOW what i saw in 
front of me btw!)


same issues i have had before came up (cannot open lo0 interface) so it really was working but wasn't.(meaning it had 
ENABLED finally with no more "identifying network" like it had done in the past) the craziness was when i opened up the 
npcap adapter GUI. npcap apparently BY DEFAULT! binds to NBT services....um why???? and the madness after that was when 
i opened up Currports (GUI netstat) but what do i see? a running DHCP server port 67 open!??? client i would 
understand, not a server! and i ALWAYS monitor my ports. i have NEVER had that open! so lastly, i was told to put npcap 
service to start at boot. this is where it went downhill in a hurry!

first off, npcap had 2 options, npcap and npcap_wifi. i noticed wifi part was not turned on. odd moment here. when i 
went to services and right clicked to start it, i was given a "file cannot be found". yet i located it on my own (but 
it still didn't see it in services after that). windows just didnt see it? so the fun occured when i set that to boot 
start. restart then BLUE SCREEN ! offending driver was npcap BUT ...the offending function was found in 
dumpata_dump.sys??? i have no idea what that is/means. thank heavens i could get to a safe mode and uninstall npcap (i 
knew that was all it would take). the BSOD said "driver failed to offload something....status was still pending??" 
something to that effect. and of course, after the uninstall a happy windows once again! so what the hell happened!!?? 
if someone wants to view this bugcheck, i happilly saved it and would love to submit it but not sure how here. i am 
dying to know what the hell caused all this. i think at this point my machine hates npcap and i am starting to agree 
with it :)

M|ke

********************************************************************************************

final ?: safe to delete this key? wasn't sure since it relates to winpcap but is under the NPCAP root folder (please 
coders...UNINSTALL THE SERVICE/LEGACY ROOT ALONG WITH THE PROGRAMS!)


   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NPF

(root folder is HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npcap)

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: