I am getting tons of malformed packet errors with " winr openkey response, error unknown dos error" in the information before and below. asked 31 Jul '12, 12:55  cyberseeds |
2 Answers:
Perhaps they're not actually "Windows Registry access" protocol packets, and Wireshark is misidentifying them as such, trying to dissect them as such, and reporting errors (which would be errors if they were those packets, but wouldn't be if they're not). You might want to file a bug on that and attach a capture file to the bug. answered 31 Jul '12, 13:42  Guy Harris ♦♦ edited 31 Jul '12, 13:50 |
You can select the protocol in the packet details pane and select from the context menu the option 'Disable protocol...'. This disables the dissector (for that session) to allow possible other dissectors to pick up the traffic. Another option is to select from the context menu the option 'Decode as...', and then select the protocol you think it is. answered 01 Aug '12, 04:03  Jaap ♦ |
