[Windump] no interface found on Vista

Gianluca Varenni gianluca.varenni at cacetech.com
Tue Apr 7 10:21:07 PDT 2009 

Did you run windump in an elevated command prompt?

If UAC is enabled on your PC, you need to right click on the command prompt 
icon and choose "Run as administrator".

Have a nice day
GV

----- Original Message ----- 
From: "S.P." <s.puygrenier at freesurf.fr>
To: <windump at winpcap.org>
Sent: Tuesday, April 07, 2009 8:12 AM
Subject: [Windump] no interface found on Vista


> Hi,
>
> I tried to install WinPcap on Vista (quite fresh install), in order to use
> Wireshark, but it seems that it can't find any network interface, which is 
> a
> little bit annoying :)
>
> Here are some diagnostic elements... (few comments added between
> parenthesis)
>
> G:\>windump -D
> (nothing)
>
> G:\>windump -h
> windump version 3.9.5, based on tcpdump version 3.9.5
> WinPcap version 4.0.2 (packet.dll version 4.0.0.1040), based on libpcap
> version
> 0.9.5
> Usage: windump [-aAdDeflLnNOpqRStuUvxX] [ -B size ] [-c count] [ -C
> file_size ]
>                [ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret
> ]
>                [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
>                [ -W filecount ] [ -y datalinktype ] [ -Z user ]
>                [ expression ]
>
> G:\>set
> (stripped)
> NUMBER_OF_PROCESSORS=1
> OS=Windows_NT
> PROCESSOR_ARCHITECTURE=x86
> PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
> PROCESSOR_LEVEL=6
> PROCESSOR_REVISION=0801
> SystemDrive=G:
> SystemRoot=G:\Windows
> TEMP=G:\temp
> TMP=G:\temp
>
> G:\>sc qc NPF
> [SC] QueryServiceConfig SUCCESS
>
> SERVICE_NAME: NPF
>        TYPE               : 1  KERNEL_DRIVER
>        START_TYPE         : 2   AUTO_START
>        ERROR_CONTROL      : 1   NORMAL
>        BINARY_PATH_NAME   : system32\drivers\npf.sys
>        LOAD_ORDER_GROUP   :
>        TAG                : 0
>        DISPLAY_NAME       : NetGroup Packet Filter Driver
>        DEPENDENCIES       :
>        SERVICE_START_NAME :
>
> G:\>sc query NPF
>
> SERVICE_NAME: NPF
>        TYPE               : 1  KERNEL_DRIVER
>        STATE              : 4  RUNNING
>                                (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
>        WIN32_EXIT_CODE    : 0  (0x0)
>        SERVICE_EXIT_CODE  : 0  (0x0)
>        CHECKPOINT         : 0x0
>        WAIT_HINT          : 0x0
>
> G:\>ipconfig /all
> (xxxx-ed)
>
> Windows IP Configuration
>
>   Host Name . . . . . . . . . . . . : xxxxx
>   Primary Dns Suffix  . . . . . . . :
>   Node Type . . . . . . . . . . . . : Hybrid
>   IP Routing Enabled. . . . . . . . : No
>   WINS Proxy Enabled. . . . . . . . : No
>
> PPP adapter Internet ADSL:
>
>   Connection-specific DNS Suffix  . :
>   Description . . . . . . . . . . . : Internet ADSL
>   Physical Address. . . . . . . . . :
>   DHCP Enabled. . . . . . . . . . . : No
>   Autoconfiguration Enabled . . . . : Yes
>   IPv4 Address. . . . . . . . . . . : 84.102.211.xx (Preferred)
>   Subnet Mask . . . . . . . . . . . : 255.255.255.255
>   Default Gateway . . . . . . . . . : 0.0.0.0
>   DNS Servers . . . . . . . . . . . : 84.103.237.xx
>                                       86.64.145.xx
>   NetBIOS over Tcpip. . . . . . . . : Disabled
>
>
> G:\>ping www.yahoo.com
>
> Pinging www-real.wa1.b.yahoo.com [87.248.113.14] with 32 bytes of data:
>
> Reply from 87.248.113.14: bytes=32 time=401ms TTL=57
> Reply from 87.248.113.14: bytes=32 time=61ms TTL=57
> Reply from 87.248.113.14: bytes=32 time=63ms TTL=57
>
> Ping statistics for 87.248.113.14:
>    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
>    Minimum = 61ms, Maximum = 401ms, Average = 175ms
> Control-C
> ^C
>
> G:\>ver
>
> Microsoft Windows [Version 6.0.6000]
>
> (vista home premium / english)
>
> G:\>net start
> These Windows services are started:
>
>   Application Experience
>   Ati External Event Utility
>   Background Intelligent Transfer Service
>   Base Filtering Engine
>   COM+ Event System
>   Cryptographic Services
>   DCOM Server Process Launcher
>   Desktop Window Manager Session Manager
>   DHCP Client
>   Diagnostic Policy Service
>   Diagnostic System Host
>   Distributed Link Tracking Client
>   DNS Client
>   DU Meter Service
>   Group Policy Client
>   IKE and AuthIP IPsec Keying Modules
>   IP Helper
>   IPsec Policy Agent
>   KtmRm for Distributed Transaction Coordinator
>   lxdb_device
>   Multimedia Class Scheduler
>   Network Connections
>   Network List Service
>   Network Location Awareness
>   Network Store Interface Service
>   PC Tools Firewall Plus
>   Plug and Play
>   Portable Device Enumerator Service
>   Program Compatibility Assistant Service
>   Protected Storage
>   Protexis Licensing V2
>   Remote Access Connection Manager
>   Remote Procedure Call (RPC)
>   Secondary Logon
>   Security Accounts Manager
>   Shell Hardware Detection
>   SL UI Notification Service
>   Software Licensing
>   SSDP Discovery
>   System Event Notification Service
>   Task Scheduler
>   TCP/IP NetBIOS Helper
>   Telephony
>   Themes
>   User Profile Service
>   WebClient
>   Windows Audio
>   Windows Audio Endpoint Builder
>   Windows Driver Foundation - User-mode Driver Framework
>   Windows Event Log
>   Windows Management Instrumentation
>   Windows Update
>
> The command completed successfully.
>
> ###########
>
> IPv6 is disabled in RAS connection
>
> modem = sagem f at st 800 usb (simple adsl modem, not a full adsl "box" with
> tv/phone/etc. - this model is quite classic in France)
>
> problem remains when changing encapsulation PPPoA/PPPoe/VCMUX/etc.
>
> msinfo32.exe/system driver/npf : npf.sys/kernel 
> driver/started/auto/running
>
> pc tools firewall+ installed, but problem remains when stopping it
>
> any other diagnostic on request...
>
> Best regards,
> SP
>
>
>
> _______________________________________________
> Windump mailing list
> Windump at winpcap.org
> https://www.winpcap.org/mailman/listinfo/windump

More information about the Windump mailing list