UPDATE - November 13th, 2009: I have just successfully installed Wireshark 1.2.3 on 64-bit Windows 7 Ultimate. Version 1.2.3 includes WinPCAP 4.1.1 which supports Windows 7. I did not have to do anything special. I simply installed the Wireshark package.
UPDATE October 22nd, 2009: Johan indicates in the comments that version 4.1.1 of WinPcap has been released. He says that it works fine with Windows 7. I would install version 4.1.1 of WinPcap first and then install Wireshark and say no when it asks if you want to install WinPcap. I need to confirm, but the rest of this post should still hold true.
-------
I needed to do a packet capture on my Windows 7 box. With a certain amount of trepidation, I downloaded Wireshark (1.0.5) and ran the install.
Unfortunately, it did not work. However, I did not install the NPF driver as a service. I uninstalled and reinstalled, setting the NPF driver to start as a service.
Success. So, if you are installing Wireshark on Windows 7, make sure to check the option to start as a service. This allows non-administrative users to use Wireshark. I suspect UAC is getting in the way, but have not dug into it yet.
-Kevin
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=b04a4e7c-aa17-4b37-a641-392363a41736)
{ 29 comments… read them below or add one }
I tried installing without saving to disk first; no joy! Once I D/Led and saved to disk, I was able to start and complete the installation.
You can run wireshark with Administrator privilages. Then it works without NPF service.
Thanks!
Hi, i made the samething but when i try to capture the wireless signals the program doesnt find my wireless board, it is a realtek rtl8187b wireless 802.11b
it worked using “troublshoot compatibilty”
Thanks, it works!
Here it didn’t want to install winPcap(1.4.5??), stating the OS wasn’t supported. I used ‘troubleshoot compatibility’ as well, and there I got a mild error for ‘dialups and VPN connections’ from winPcap, but it installed ok.
I Have installed separately winpcap (first ) and Wireshark without winpcap in admin priviledge mode.. so it work.
see ya..
I have repeatedly tried to get wireshark to work on my win7 RC laptop. It installs under compatibility mode but winpcap gives an error bout not being able to use dial up or vpn. If I try to run wireshark it brings up the loading screen animation but then crashes and a crash report pops up stating that there is a fault with libwireshark.dll. Anyone have any ideas as to what could be causing this?
@ed,
I need to update this post. There is a problem with the latest version of WinPCAP and Windows RC 7. I got around it by installing the previous version of WinPCAP and then installing Wireshar as Geppo did above and not letting it install WinPCAP. I installed both as Administrator. This worked for me. I have exprienced the dial-up or vpn error yet.
Kevin
After installing WinPcap_4_1_beta5 (the 4.0.2 version will NOT work) in Vista Compatibility mode, everyting works cool!
So right click the WinPacap_4_1_beta5.exe, select “compatiblity -> Vista SP2″. Install it.
Then install wireshark 1.2.1 (without installing winpcap oft course. Deselect the checkbox. I also deselct “run as service”.
Capturing works fine now on my Win7 ultimate 64 bit.
It seems that only upto WinPCAP 4.0 works with Windows 7 newer version are throwing errors during the installation.
@Tyra – works great, thanks for the tip!
I am trying in under virutal machine in xp mode
Thanks for this, works like a charm!
Just tried Tyra’s method, works great.
thx dude!
Tyra’s way worked for me and works good.
thank you!
(Dell Lattitude E6500 w/ win7 64Bit)
Thank U so much!!!! Worked great!!
Thanks Tyra it worked…
I was also trying with the 4.0.2 version, which didn’t worked…
WinPcap ver 4.1.1 is now available and it works fine with windows 7 64-bit
@Johann
Sorry, it didn’t work for me. I’m using Windows 7 64-bit. I downloaded WinPcap 4.1.1 and tried:
1. Installing as administrator.
2. Installing in Vista SP2 compatibility mode
3. Running as administrator
All failed. When Winshark is started, it either complains about the NPF driver being missing, or else it doesn’t even start and just generates an error. Depending on which of the 3 methods above was used.
HI there I experienced the same problem as DaveM, I’m using windows 7 Home Premium 64bit, and when I start wireshark I have for a while the splash screen and then anything disappears.
Checking the running processes I haven’t found anything about winpcap and wireshark.
Any idea?
@DaveM and @andybi,
Did you keep the option selected to start the NPF service at startup? Two other things I can think of are firewall and Win 7 version. I would check to see if the firewall might be getting in the way. I am using Windows 7 Ultimate without any issues.
Kevin
Yes, I checked the option to start NFP service at startup.
The firewall either activated or not doesn’t change nothing.
I have a Win 7 64 oem version (official oct 22, final release) on my new pc, I tried to reinstall also windows, but nothing different.
Hi there solved with latest release 1.2.4 with a simple installation no tweaks
hey guyzzz…can ne 1 help me ?
i need 2 knoe how 2 find username or password of a dial up(pppoe) using wireshark
help pls….
I am trying to capture a 3G connection of my netbook in windows 7 starter, using winpcap 4.1.1 & wireshark 1.2.8, in the interface list the ethernet card and the wifi adapter are being shown, but my 3G modem not, I’ve also installed Microsoft Network Monitor 3.3, but still not appearing the interface, could you please help me? Tks AR.-
thxxxxxxxxxxxx alot
running wireshare as administrator on my win7 box worked. thanks!
{ 2 trackbacks }