I am getting the "Failed to create npcap service for win7, win8 and win10. Please try installing Npcap again, or use the official Npcap installer from www.nmap.org" too. I don't get any compatibility assistant messages though.
I checked out the windows security update Pascal provided (KB3033929) and windows told me that it is already installed. I further did all updates which were found by windows update and tried to install npcap again, but I still get the above error message.
In Wireshark, the driver is not working (Warning: "The NPF driver is not running" and no interfaces to capture from).
asked 19 Oct '15, 02:41
converted to question 20 Oct '15, 08:08
You can go to the installation path of Npcap, and manually run "NPFInstall.exe -iw" and "NPFInstall.exe -i", and provide me the output here. Those are the actual driver installation commands that the installer uses.
For Vista x64 and Win7 x64 users:
If you still get the pop-up window that said Windows requires a digitally signed driver (or get error 577 when executing net start npf), please try these steps:
1) Install Microsoft's KB3033929 patch successfully (it should requires reboot).
2) Install latest Npcap 0.05-r8.
3) If step 2) still fails running the driver, then reinstall an alternate version of Npcap you NEVER installed on the machine before (like 0.05-r7, if you unfortunately tried 0.05-r7 before step1), then try 0.05-r6.) to "flush" the driver cache. You should use the same option of Install Npcap in WinPcap API-compatible Mode as you did in step 2). This installation of 0.05-r7 should work.
4) Reinstall back the latest Npcap 0.05-r8. This second-time installation should succeed.
answered 26 Oct '15, 03:59
edited 02 Feb '16, 07:36
Hmm. I've just downloaded that copy (0.05-r5) of npcap and had the same issue, I then tried the latest version (0.05-r7) and that did seem to install correctly.
However, I don't think the signature is correctly timestamped, as in, it appears there is no timestamp. As I understand it, this should prevent the correct installation on Windows 7 onwards post the SHA1 apocalypse (1/1/2016), see this TechNet page for more info. In addition, I only see a SHA1 digest hash, I'd understood we were meant to have moved to SHA256 now (with dual signing for Vista and Server 2K8 that can't handle SHA256).
You can check if you have the updates that kill untimestamped SHA1 digital signatures with the command
answered 29 Jan '16, 10:31