Wire shark is not opening only in Windows 10.. Is there any way to do that? asked 02 Dec '15, 01:51  Abdul Jaleel converted to question 02 Dec '15, 02:16  grahamb ♦ |
4 Answers:
The dumpcap process is the user mode application that is started by Wireshark (or tshark) to discover and capture from the network interfaces on your machine, usually via the WinPcap driver. Unfortunately for you (@NRGfxIT), and a very small number of other folks, there appears to be some issue in your environment that causes the call into WinPcap to hang, which then blocks the dumpcap process. I suspect something in the network stack on your machine, possible VPN or Endpoint protection software causes this. Unfortunately debugging this remotely is near impossible. You may want to try replacing WinPcap with the likely replacement for it, npcap as npcap has moved to a more modern driver mechanism within Windows, so may not suffer the issue you have. To install npcap, uninstall WinPcap, reboot, and then install npcap in WinPcap compatibility mode. You can then install Wireshark again, which should behappy to use the newly installed version of npcap. answered 02 Mar '16, 03:37 grahamb ♦ I'm having the same problem now after upgrading wireshark to the latest version yesterday. It was working before that, and as part of the upgrade process I didn't upgrade WinPCAP (already had the latest version). I think there's something else going on here. (21 Apr '16, 04:11) robert_ Can you ensure no dumpcap processes are running, terminate then if there are, and then let us know what happens when running (21 Apr '16, 05:16) grahamb ♦ One day later (with no intervention other than a reboot) and it's working again. Glad I didn't go through the rigmarole of installing ncap :-) By the way, output of dumpcap was (22 Apr '16, 00:58) robert_ |
Please try Npcap (replacement of WinPcap), the latest version is 0.06 R19: answered 21 Apr '16, 19:26  Yang Luo |
I was having similar problems with 64 bit version 2.20 on Windows 10. Launched the app and got a greyed out screen saying - ‘Please wait while Wireshark is initializing …’ Tried to upgrade to 2.21 and that didn't make any difference (had to reboot before I could upgrade). Then I remembered that I had added USBPcap on a recent update so I uninstalled Wireshark 2.21, WINPcap, USBPcap, then resinstalled Wireshark 2.21 with WINPcap and now it is working.... Hope this might be helpful... answered 03 Nov '16, 19:37  PBSki |
Same error. Run as administrator. Windows 10 Pro 1607(OS Build 14393.351)
Subj work like a charm after killing Wireshark.exe in Process Explorer and restart.
answered 07 Nov '16, 03:00  smarty edited 07 Nov '16, 03:12 Please don't run Wireshark as Administrator, it's not necessary and exposes your system to much more risk from malicious traffic. See the wiki page on Capture Privileges for more details. (07 Nov '16, 03:17) grahamb ♦ 1 @smarty, the symptoms you describe indicate that you suffer from bug12845. The issue and workaround have been discussed here. (07 Nov '16, 03:46) sindy Thx, @sindy. (07 Nov '16, 05:13) smarty |
Can you be a bit more descriptive of your issue?
What version of Wireshark did you install, and how are you trying to start it?
Experiencing a similar issue. From a clean boot, no other apps started other than a few in the tray, I click on the desktop shortcut (have also tried the legacy option as well). In the new UI it starts up, and the loading progress bar stops at ‘Loading module preferences’. The status bar reads ‘Please wait while Wireshark is initializing …’ If I click into the window at this point it goes grey and (Not Responding) appears in the title bar. I have to then kill the application.
I am running Windows 10 Pro x64, Version 1511, OS Build 10586.104, 16GB RAM, Intel Core i7-4980HQ CPU @ 2.80GHz. 1TB SSD HD with approx. 40% spare space.
Also worth stating that it also hangs on Mac OSX 10.11 wherever I change the IP lookup preferences.
Should also have said the version of Wireshark I am running is whatever you have on the website as of the 29th February 2016. As I cannot get it to start I cannot validate its version from any interface.
For now reverting back to Kali Linux where things seem to be a little more stable ;-)
I can confirm that I am running Wireshark v2.0.2.
Attempts to uninstall is hampered by the 'Wireshark Dump' processes (x2) that cannot be killed from the task manager with an 'Access is denied' error even when running as Admin. These are I believe artefacts from the x2 attempts to load the program and crashing out of it. A re-boot flushes them and I can then uninstall Wireshark.
Tested also Win32 version 2.0.2 and it hangs in the same way as the x64. Attempts to uninstall requires a re-boot due to the stuck process as with x64.
Tried the latest build of Wireshark v2.1.0-2200-g9063aca (x64) same hanging issue, and also locked process when attempting to uninstall.