I just uploaded my MiniDumps to https://dl.dropboxusercontent.com/u/670345/MiniDump.rar, if it makes debugging this easier.
Tyson. 2015-07-28 8:08 GMT+01:00 Tyson Key <tyson....@gmail.com>: > Hi Yang, > > Thanks for looking into this. > > I can't remember when/how I installed Win10PCap (guessing that I briefly > had a look, but couldn't get it to do anything on my machine, and just > removed it), but I'm using VMware Player 6.0.7 build-2844087 (haven't got > Workstation/Server installed); and I tried a dance of > upgrading/downgrading/upgrading my AR9485WB-EG WLAN driver (first by > downloading the package from > http://support.lenovo.com/us/en/downloads/ds032333, to take me from > 10.0.0.242, to 10.0.0.75; and then using Device Manager's driver update > function, to take me to 3.0.1.155 (which I'm guessing is probably older > than 242 - I'm just guessing from the sketchy build dates) - which gave me > a different type of BSoD, initially, after starting Wireshark, but let me > capture traffic for a little while, after rebooting. > > Here's all of the MiniDump summaries that I could find: > > ================================================== > Dump File : 072715-31968-01.dmp > Crash Time : 27/07/2015 07:02:32 pm > Bug Check String : SYSTEM_SERVICE_EXCEPTION > Bug Check Code : 0x0000003b > Parameter 1 : 00000000`c0000005 > Parameter 2 : fffff801`1be5d485 > Parameter 3 : ffffd000`2324e980 > Parameter 4 : 00000000`00000000 > Caused By Driver : ntoskrnl.exe > Caused By Address : ntoskrnl.exe+150ca0 > File Description : NT Kernel & System > Product Name : Microsoft® Windows® Operating System > Company : Microsoft Corporation > File Version : 6.3.9600.17736 (winblue_r9.150322-1500) > Processor : x64 > Crash Address : ntoskrnl.exe+150ca0 > Stack Address 1 : > Stack Address 2 : > Stack Address 3 : > Computer Name : > Full Path : C:\WINDOWS\Minidump\072715-31968-01.dmp > Processors Count : 4 > Major Version : 15 > Minor Version : 9600 > Dump File Size : 281,520 > Dump File Time : 27/07/2015 07:03:33 pm > ================================================== > > ================================================== > Dump File : 072715-32078-01.dmp > Crash Time : 27/07/2015 06:47:01 pm > Bug Check String : BAD_POOL_CALLER > Bug Check Code : 0x000000c2 > Parameter 1 : 00000000`00000099 > Parameter 2 : ffffe000`7d4b31b8 > Parameter 3 : 00000000`00000000 > Parameter 4 : 00000000`00000000 > Caused By Driver : tcpip.sys > Caused By Address : tcpip.sys+42856 > File Description : TCP/IP Driver > Product Name : Microsoft® Windows® Operating System > Company : Microsoft Corporation > File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) > Processor : x64 > Crash Address : ntoskrnl.exe+150ca0 > Stack Address 1 : > Stack Address 2 : > Stack Address 3 : > Computer Name : > Full Path : C:\WINDOWS\Minidump\072715-32078-01.dmp > Processors Count : 4 > Major Version : 15 > Minor Version : 9600 > Dump File Size : 281,520 > Dump File Time : 27/07/2015 06:48:04 pm > ================================================== > > ================================================== > Dump File : 072715-32468-01.dmp > Crash Time : 27/07/2015 06:34:37 pm > Bug Check String : SYSTEM_SERVICE_EXCEPTION > Bug Check Code : 0x0000003b > Parameter 1 : 00000000`c0000005 > Parameter 2 : fffff801`962a446e > Parameter 3 : ffffd001`1bd0f980 > Parameter 4 : 00000000`00000000 > Caused By Driver : ndis.sys > Caused By Address : ndis.sys+546e > File Description : Network Driver Interface Specification (NDIS) > Product Name : Microsoft® Windows® Operating System > Company : Microsoft Corporation > File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) > Processor : x64 > Crash Address : ntoskrnl.exe+150ca0 > Stack Address 1 : > Stack Address 2 : > Stack Address 3 : > Computer Name : > Full Path : C:\WINDOWS\Minidump\072715-32468-01.dmp > Processors Count : 4 > Major Version : 15 > Minor Version : 9600 > Dump File Size : 281,520 > Dump File Time : 27/07/2015 06:35:48 pm > ================================================== > > ================================================== > Dump File : 072715-33859-01.dmp > Crash Time : 27/07/2015 05:11:25 pm > Bug Check String : BAD_POOL_CALLER > Bug Check Code : 0x000000c2 > Parameter 1 : 00000000`00000007 > Parameter 2 : 00000000`00001200 > Parameter 3 : 00000000`00000000 > Parameter 4 : ffffe000`8d01cbf8 > Caused By Driver : ntoskrnl.exe > Caused By Address : ntoskrnl.exe+150ca0 > File Description : NT Kernel & System > Product Name : Microsoft® Windows® Operating System > Company : Microsoft Corporation > File Version : 6.3.9600.17736 (winblue_r9.150322-1500) > Processor : x64 > Crash Address : ntoskrnl.exe+150ca0 > Stack Address 1 : > Stack Address 2 : > Stack Address 3 : > Computer Name : > Full Path : C:\WINDOWS\Minidump\072715-33859-01.dmp > Processors Count : 4 > Major Version : 15 > Minor Version : 9600 > Dump File Size : 281,520 > Dump File Time : 27/07/2015 05:12:34 pm > ================================================== > > ================================================== > Dump File : 072715-48062-01.dmp > Crash Time : 27/07/2015 05:00:25 pm > Bug Check String : BAD_POOL_CALLER > Bug Check Code : 0x000000c2 > Parameter 1 : 00000000`00000007 > Parameter 2 : 00000000`00001200 > Parameter 3 : 00000000`00000000 > Parameter 4 : ffffe000`4bc1b4c8 > Caused By Driver : ntoskrnl.exe > Caused By Address : ntoskrnl.exe+150ca0 > File Description : NT Kernel & System > Product Name : Microsoft® Windows® Operating System > Company : Microsoft Corporation > File Version : 6.3.9600.17736 (winblue_r9.150322-1500) > Processor : x64 > Crash Address : ntoskrnl.exe+150ca0 > Stack Address 1 : > Stack Address 2 : > Stack Address 3 : > Computer Name : > Full Path : C:\WINDOWS\Minidump\072715-48062-01.dmp > Processors Count : 4 > Major Version : 15 > Minor Version : 9600 > Dump File Size : 281,520 > Dump File Time : 27/07/2015 05:01:58 pm > ================================================== > > Frustratingly, since there are so many variables involved (unscientific > method!), it seems like I'm playing a Jenga game with trying to make this > work, since if I remove, or change something, it works for a little while, > and then crashes in a creative, new way. (And I don't want to reinstall > everything, since I don't have a disk big enough to back everything up). :( > > I've uploaded a copy of the Nurago Web Meter to > https://dl.dropboxusercontent.com/u/670345/nurago%20web%20meter.exe, and > I seem to also have an older installer for it in my "Downloads" directory, > which may exercise the LSP architecture of WinSock differently. > > The SYSTEM_SERVICE_EXCEPTION error is interesting, as it is one of the few > that reveals a problem in WinSock/NDIS... > > I would try it in a virtual machine - but it wouldn't get us any closer to > diagnosing why it fails to work, with my not-so-unique configuration. > > Tyson. > > 2015-07-28 7:27 GMT+01:00 Yang Luo <hslu...@gmail.com>: > >> >> >> On Mon, Jul 27, 2015 at 10:42 PM, Tyson Key <tyson....@gmail.com> wrote: >> >>> After rebooting from uninstalling MS NetMon, I restarted Wireshark, and >>> got the usual "NPF service not running; no interfaces available" note. This >>> persists, even if I try "NPFInstall -r", and Wireshark still claims that no >>> interfaces are available. >>> >>> >> "*NPFInstall -r*" isn't used in Npcap. "*NPF service not running; no >> interfaces available*" is a common problem for Npcap previous versions. >> And I think it should disappear if you have uninstalled previous versions >> totally. >> >> >>> Eventually, after uninstalling NPCap, removing all of the loopback >>> interfaces, and running CCleaner to remove any residual registry data, and >>> then rebooting yet again, I could start Wireshark, and list the installed >>> interfaces - but unsurprisingly, a few moments later, I received another >>> BSoD. >>> >>> If it helps, my Wireshark version is: >>> >>> Version 1.99.8-492-g3f0f49d (v1.99.8rc0-492-g3f0f49d from master) >>> >>> Copyright 1998-2015 Gerald Combs <ger...@wireshark.org> and >>> contributors. >>> License GPLv2+: GNU GPL version 2 or later < >>> http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> >>> This is free software; see the source for copying conditions. There is NO >>> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR >>> PURPOSE. >>> >>> Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.12.16, with Pango >>> 1.36.8, with >>> WinPcap (unknown), with libz 1.2.8, with GLib 2.42.0, with SMI 0.4.8, >>> with >>> c-ares 1.9.1, with Lua 5.2, with GnuTLS 3.2.15, with Gcrypt 1.6.2, with >>> MIT >>> Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 22 2015), with >>> AirPcap. >>> >>> Running on 64-bit Windows 8.1, build 9600, with locale English_United >>> Kingdom.1252, with Npcap version 0.01 (packet.dll version 0.03), based on >>> WinPcap version 4.1.3 (packet.dll version 4.1.0.3001), based on libpcap >>> version >>> 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, >>> without >>> AirPcap. >>> AMD A6-5200 APU with Radeon(TM) HD Graphics (with SSE4.2), with >>> 5577MB of >>> physical memory. >>> >>> >>> Built using Microsoft Visual C++ 12.0 build 31101 >>> >>> Wireshark is Open Source Software released under the GNU General Public >>> License. >>> >>> Check the man page and http://www.wireshark.org for more information. >>> >> >> I used Wireshark latest stable version: Version 1.12.6 >> (v1.12.6-0-gee1fce6 from master-1.12). But I don't think it makes a >> difference by using stable version or development version, as its WinPcap >> related low-level code rarely changed between these two versions. >> >> >>> >>> Other than NetMon (which I've removed), the only other things that I >>> think could be causing a conflict are either the VMware host-only >>> networking filters; the networking components included with whatever >>> Bluetooth stack Lenovo shipped; the massive pile of hacks installed by the >>> Gacela component of "Nurago Web Meter", or my Atheros WLAN drivers (which >>> caused Acrylic Wi-Fi's NDIS filters to crash, when I briefly had that >>> installed, a while ago). >>> >> >> What version VMware are you using? Workstation or just Player? I used >> VMware Workstation 11.1.2 build-2780323 on my host, but I didn't install it >> on my test VM yet. >> >> >> Cheers, >> Yang >> >> >> ___________________________________________________________________________ >> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> >> Archives: https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org >> ?subject=unsubscribe >> > > > > -- > Fight Internet Censorship! > http://www.eff.org > http://vmlemon.wordpress.com | Twitter/FriendFeed/Skype: vmlemon | > 00447934365844 > -- Fight Internet Censorship! http://www.eff.org http://vmlemon.wordpress.com | Twitter/FriendFeed/Skype: vmlemon | 00447934365844
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
