How can I fix the NPF Driver not running error? NPF Driver fails to start. What is the meaning of this error? NPF Driver not working; says service name is invalid when I try to start in cmd! The NPF driver isn't running. You may have trouble capturing or listing interfaces. Risk assessment issues. For example, if you wish to download a later version of WinPcap and have that installed instead. For the release 1.0 of Wireshark this was WinPcap402.exe, currently the default is WinPcap41beta5.exe. Known Issues. If WinPcap is not installed on the machine, WiresharkPortable.

• Npf Does Not Exist As An Installed Service
• Wireshark Npf Driver Windows 10

To cllear this error, you need to open the file called npf.sys which is located at. C:WindowsSystem32Driversin Windows 7. Follow the below guide to open the npf.sys file.Firstly, make sure that you have installed winpcap, if you didn't install it, just go to its official site and download it for installation:Next, find cmd.exe which is located at.

C:WindowsSystem32in Windows 7, right click and 'Run as administrator'. When it opened, input net start npf, then the NPF driver is successfully opened. That is,the file npf.sys is opened.At last, restart Wireshark, it will be OK now.BTW, if you have other driver problems or want to update, backup or restore drivers, the free program DriveTheLife (official site: ) is a perfect one.Note:If you are using Linux or Ubuntu, after WinpCap is installed, use the common ' $ su Administrator ' to switch to the highest authority account, then input net start npf.If you are using Windows XP, login with administrator account then open cmd, input net start npf.

Hello all,My name is John T. Haller and I'm the lead developer behindPortableApps.com. We've repackaged many popular programs likeOpenOffice.org, Firefox, Thunderbird, PuTTY and more to be entirelyportable and run from an USB device you'd like (flash drive, iPod,portable hard drive, etc).

There have been a few people asking for aportable version of Wireshark to use in this setting.I noticed you'd posted a package for the proprietary/closed U3 platform.The goal of PortableApps.com is to be compatible with all drives, notto lock people into drives from one manufacturer. This is born out bythe download numbers as the portable apps see about 10x the downloads ofthe U3 apps.So, I was wondering if you'd consider working on a portable solution inaddition to (or instead of) the package for the niche U3 platform.

I'dbe happy to assist and contribute code to that end, of course. And, itwould be easier for all the Wireshark developers and users to test sinceyou can run it from any existing hardware you have (or even from yourlocal hard drive).Kind Regards,John-Head Portable Apps GuyPortableApps.com. Hello all,My name is John T.

Haller and I'm the lead developer behindPortableApps.com. We've repackaged many popular programs likeOpenOffice.org, Firefox, Thunderbird, PuTTY and more to be entirelyportable and run from an USB device you'd like (flash drive, iPod,portable hard drive, etc). There have been a few people asking for aportable version of Wireshark to use in this setting.I noticed you'd posted a package for the proprietary/closed U3 platform.The goal of PortableApps.com is to be compatible with all drives, notto lock people into drives from one manufacturer. This is born out bythe download numbers as the portable apps see about 10x the downloads ofthe U3 apps.So, I was wondering if you'd consider working on a portable solution inaddition to (or instead of) the package for the niche U3 platform.

I'dbe happy to assist and contribute code to that end, of course. I would personally welcome a 'PortableWireshark' version, and would bewilling to spend some effort for it (unfortunately, currently my time ispretty limited).BTW: We will probably not drop U3 support, unless there's a very goodreason for it:-)BTW(2): The main U3 advantage I still see is the way it's closingapplications - which might be added easily to PortableApps as well.If you mean the HostCleanup processes, be sure you're not doing anythingcritical within them as they are not guaranteed to run. Obviously, ifthe PC crashes, they never run (which most people know) but if you turnthe PC off with the drive in, the U3 platform never shuts down. So,even if you closed Wireshark for U3 and then shut the PC off (or put itto sleep), the HostCleanup will not be run.

It's best to have anycleanup stuff run as the app closes as I do with all the portable apps(and as I did with the U3 versions of them: Firefox, Thunderbird, etc). 1)make Wireshark itself 'portable' - shouldn't be too difficult asWireshark is cleanly programmed in this regardThe current U3 code leads to the places to look at. It's about findingsome directories, e.g.

Where to find/save the users settings (usually at'c:Documents and SettingsApplication DataWireshark' or thecorresponding international path). You might already have some solutionsfor this, as I guess this is a common problem for all portable apps.I personally recommend a commandline option as this provides the mostflexibility.

Npf Does Not Exist As An Installed Service

That way the end user has complete control should theywant it. Firefox, Thunderbird, etc all provide commandline switches forthis. And, you could use this same commandline switch for your U3package (no need to check for the environment variables = less code). 2)make WinPcap 'portable' - I don't know a good way for this (might becomepretty difficult)WinPcap is the driver to capture live network data (for Wireshark and alot of similiar tools). It seems that WinPcap must be installed inc:winntsystem32 to work properly - at least I don't know a better waythan this:-(Unfortunatly, while WinPcap itself is open source, the WinPcap installeris closed source, so there's no easy way to get an idea how to do itfrom sample code.Now that is a tad odd. It is unfortunate, too, as that would completelypreclude me from hosting it on SourceForge.From what I've analyzed, it installs the following files:%WINDIR%system32Packet.dll%WINDIR%system32pthreadVC.dll%WINDIR%system32WanPacket.dll%WINDIR%system32wpcap.dll%WINDIR%system32driversnpf.sysThe Packet.dll and npf.sys files appear to vary depending on the OS(probably different ones for Windows 98, etc) as there are 3 variationsof each in the installer.

It does more than simple regsvr32 them aswell, since it appears to need to hook it's network driver to eachinterface on the system. I can run a registry and file systemcomparison to get a rough idea of this. Detect if WinPcap is already installed on the system- if not, call the WinPcap setup.exe and install it on the system- when the stick is going to be unplugged and WinPcap was installed bythe U3 package, ask the user if he wants to uninstall WinPcap= This obviously isn't nice, but we don't know a better way.

Inaddition, you'll need Administrative privileges toinstall/start/uninstall winPcap:-(Even without the WinPCap installer, we'll need admin rights for this asit will require access to the drivers setup within Windows. There's noway around that unfortunately.

We'll need an 'Application Data/Wireshark' directory somewhere on thestick - is there a 'portable app recommendation' for this?The standard setup would be:X:PortableApps-WiresharkPortable (this is where WiresharkPortable.exe lives)-App-wireshark (all Wireshark's binaries live here)-winpcap (winpcap installer, just to keep it neat)-Data (this would contain any user settings files, etc)Obviously, Wireshark Portable would only be concerned with its bitsinside its own directories. That's one of the nice things aboutportable apps. And that WiresharkPortable.exe launcher would handle thewhole:1.

Detect if WinPCap is installed, if not, install it2. Run Wireshark and pass it the commandline switch.

Something like:wireshark.exe -datapath=X:PortableAppsWireSharkPortableData3. Stick around until Wireshark finishes4. Uninstall WinPCap if we installed it on Wireshark exit.

P.S.: Well, the page is a bit short;-) If it would be more comprehensive, I might have started this taskalready a lot earlier.Yeah, I have work to do on that.Ok, if you can get me a Wireshark build that accepts a commandlineparameter pointing it to its data and let me know how you check for PCapbeing installed (is just checking for the DLL enough?) I can get you atest portable build. Fancy splash screen and all. Oh, and I startedchecking out compression and I can get the Wireshark install from 68MBdown to 22MB using UPX compress with specific settings on the DLLs andEXEs. I have a script that takes care of this I can give ya. I canpackage this all up in a PAF (it stands for PortableApps.com Format) soit can be installed by anyone by itself or auto-installed into thePortableApps.com Menu (it's under Options).Best,John. If you mean the HostCleanup processes, be sure you're not doing anythingcritical within them as they are not guaranteed to run. Obviously, ifthe PC crashes, they never run (which most people know) but if you turnthe PC off with the drive in, the U3 platform never shuts down.

So,even if you closed Wireshark for U3 and then shut the PC off (or put itto sleep), the HostCleanup will not be run. It's best to have anycleanup stuff run as the app closes as I do with all the portable apps(and as I did with the U3 versions of them: Firefox, Thunderbird, etc).Well, having a single 'eject' button is a nice way to close all appsyou've opened from the stick. It's easier than to close the apps openedfrom the stick one by one.And yes, I've already noted that the U3 eject doesn't work all the time;-). I personally recommend a commandline option as this provides the mostflexibility. That way the end user has complete control should theywant it. Firefox, Thunderbird, etc all provide commandline switches forthis.

And, you could use this same commandline switch for your U3package (no need to check for the environment variables = less code).Well, someone.has. to check for the U3 env settings, so in effectthere's no difference in code length.I'm not sure, but if the U3 WS is started through a special launcher,the U3 specific code to get the dir(s) could be moved to that launcher,making the WS code cleaner. Now that is a tad odd. It is unfortunate, too, as that would completelypreclude me from hosting it on SourceForge.%WINDIR%system32Packet.dll%WINDIR%system32pthreadVC.dll%WINDIR%system32WanPacket.dll%WINDIR%system32wpcap.dll%WINDIR%system32driversnpf.sysThe Packet.dll and npf.sys files appear to vary depending on the OS(probably different ones for Windows 98, etc) as there are 3 variationsof each in the installer. It does more than simple regsvr32 them aswell, since it appears to need to hook it's network driver to eachinterface on the system. I can run a registry and file systemcomparison to get a rough idea of this.First of all, you may have a look at our System Requirements,don't support Win9x,NT so there's no need (at least for WS) for theWinPcap install to support these systems (WinPcap officially doesn'tsupport 9x any longer since 4.0).AFAIK, it will be registered as a network protocol driver, which ispretty tricky to do.

Some time ago I tried to find some OSS source howto do this but didn't found anything:-(((If you find some good infos about it on the web (or through your ownwork), please let me know. X:PortableApps-WiresharkPortable (this is where WiresharkPortable.exe lives)-App-wireshark (all Wireshark's binaries live here)-winpcap (winpcap installer, just to keep it neat)-Data (this would contain any user settings files, etc)Obviously, Wireshark Portable would only be concerned with its bitsinside its own directories. That's one of the nice things aboutportable apps. And that WiresharkPortable.exe launcher would handle the1. Ui view keygen free.

Detect if WinPCap is installed, if not, install itwireshark.exe -datapath=X:PortableAppsWireSharkPortableData3. Stick around until Wireshark finishes4.

Uninstall WinPCap if we installed it on Wireshark exitSounds reasonable. This way you can easily update the applicationwithout loosing your user settings.This unfortunately will install/uninstall WinPcap each time you startWireshark. Ok, if you can get me a Wireshark build that accepts a commandlineparameter pointing it to its data and let me know how you check for PCapbeing installed (is just checking for the DLL enough?) I can get you atest portable build.

Fancy splash screen and all. Oh, and I startedchecking out compression and I can get the Wireshark install from 68MBdown to 22MB using UPX compress with specific settings on the DLLs andEXEs. I have a script that takes care of this I can give ya. I canpackage this all up in a PAF (it stands for PortableApps.com Format) soit can be installed by anyone by itself or auto-installed into thePortableApps.com Menu (it's under Options).I'll see what I can do about the command line (shouldn't be toodifficult), however the available time is the limit:-(WinPcap is loaded in capture-wpcap.c, in function loadwpcap.

Itsimply calls the glib function to load a DLL:gmoduleopen('wpcap', 0);and then looks for the available functions.Today I've noticed the 'standalone' portableapps.com menu application -I didn't tried it because I don't needed the 'huge' package and didn'tnoticed the standalone package on a 'quick view'. You might want to makethe standalone package a bit more 'visually prominent' on:-)Is this paf format something special of simply a zip file with some metainformation/structure?If the build process is not too difficult, we might even want to add thepaf build into the WS build process, as developers frequently need.very. recent versions for test/debug purposes - but that is obviouslynot the first step:-)Regards, ULFL. I personally recommend a commandline option as this provides the mostflexibility.

That way the end user has complete control should theywant it. Firefox, Thunderbird, etc all provide commandline switches forthis. We'll need an 'Application Data/Wireshark' directory somewhere on thestick - is there a 'portable app recommendation' for this?X:PortableApps-WiresharkPortable (this is where WiresharkPortable.exe lives)-App-wireshark (all Wireshark's binaries live here)-winpcap (winpcap installer, just to keep it neat)-Data (this would contain any user settings files, etc)We'll need two dirs in the Data dir, the profile (settings) and theactual users (capture) data. Ok, if you can get me a Wireshark build that accepts a commandlineparameter pointing it to its data and let me know how you check for PCapbeing installed (is just checking for the DLL enough?) I can get you atest portable build. Fancy splash screen and all.

Wireshark Npf Driver Windows 10

Oh, and I startedchecking out compression and I can get the Wireshark install from 68MBdown to 22MB using UPX compress with specific settings on the DLLs andEXEs. I have a script that takes care of this I can give ya. I canpackage this all up in a PAF (it stands for PortableApps.com Format) soit can be installed by anyone by itself or auto-installed into thePortableApps.com Menu (it's under Options).You should get an SVN 21022 build pretty soon onULFL.