Call: 797 SetFlag: 2=0 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) Jump: 891 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) Jump: 935 Jump: 964 Current time UTC: 2024-11-30 19:26:45 Npcap Installer version 1.79 Command line: '"C:\Users\HARMON~1\AppData\Local\Temp\nsc9BA2.tmp\npcap-1.79.exe" /loopback_support=no' Call: 1438 Jump: 1470 DetailPrint: Windows CurrentVersion: 10.0.22631 (Win10) Call: 265 Call: 265 Jump: 1072 Call: 1998 SetFlag: 13=6 File: overwriteflag=0, allowskipfilesflag=2, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\modern-header.bmp" File: wrote 70976 to "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\modern-header.bmp" WriteINIStr: wrote [Field 1] State=0 in C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\options.ini Jump: 1100 WriteINIStr: wrote [Field 2] State=0 in C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\options.ini Jump: 1113 WriteINIStr: wrote [Field 3] State=0 in C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\options.ini Jump: 1126 WriteINIStr: wrote [Field 4] State=0 in C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\options.ini Jump: 1139 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\InstallOptions.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\InstallOptions.dll" (overwriteflag=1) Jump: 1174 Jump: 1179 Jump: 1184 Jump: 1189 New install of "Npcap 1.79" to "C:\Program Files\Npcap" Section: "WinPcap" CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp" (1) File: overwriteflag=0, allowskipfilesflag=0, name="NPFInstall.exe" File: wrote 308096 to "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\NPFInstall.exe" Call: 265 IfFileExists: file "C:\Program Files\Npcap\uninstall.exe" exists, jumping 0 Jump: 1767 IfFileExists: file "C:\Program Files\Npcap\uninstall.exe" exists, jumping 0 Call: 1687 WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap" "Start"="0x00000003" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap_wifi" "Start"="0x00000004" Call: 1249 SetFlag: 2=0 DetailPrint: RunUninstaller: "C:\Program Files\Npcap\uninstall.exe" /Q /keep_logs=yes /no_kill=no _?=C:\Program Files\Npcap settings logging to 0 Call: 100 Call: 104 Jump: 121 Jump: 138 Call: 142 Jump: 200 Jump: 162 Jump: 232 Call: 142 Jump: 162 Call: 693 Delete: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp" CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp" (0) CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp" created File: overwriteflag=0, allowskipfilesflag=2, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\modern-header.bmp" File: wrote 70976 to "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\modern-header.bmp" Call: 97 Aborting: "" New install of "Npcap 0.992" to "C:\Program Files\Npcap" Section: "Uninstall" detailprint: Reading service options from registry Call: 453 Call: 416 Jump: 429 IfFileExists: file "C:\Program Files\Npcap\npf.sys" does not exist, jumping 599 Call: 284 Jump: 313 Jump: 316 detailprint: Windows CurrentVersion: 10.0 (Win10) detailprint: Trying to stop the driver.. Call: 462 Jump: 475 detailprint: Stopping the npcap driver Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" File: wrote 6656 to "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" (overwriteflag=1) Call: 355 Jump: 380 Delete: "C:\WINDOWS\system32\Npcap\wpcap.dll" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\wpcap.dll") IfFileExists: file "C:\WINDOWS\system32\Npcap\wpcap.dll" does not exist, jumping 388 Delete: "C:\WINDOWS\system32\Npcap\Packet.dll" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\Packet.dll") IfFileExists: file "C:\WINDOWS\system32\Npcap\Packet.dll" does not exist, jumping 396 Delete: "C:\WINDOWS\system32\Npcap\NpcapHelper.exe" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\NpcapHelper.exe") Delete: "C:\WINDOWS\system32\Npcap\WlanHelper.exe" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\WlanHelper.exe") RMDir: "C:\WINDOWS\system32\Npcap" RMDir: RemoveDirectory("C:\WINDOWS\system32\Npcap\") Call: 693 File: overwriteflag=1, allowskipfilesflag=2, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\System.dll" File: wrote 10752 to "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\System.dll" Call: 355 Jump: 380 Delete: "C:\WINDOWS\system32\Npcap\wpcap.dll" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\wpcap.dll") IfFileExists: file "C:\WINDOWS\system32\Npcap\wpcap.dll" does not exist, jumping 388 Delete: "C:\WINDOWS\system32\Npcap\Packet.dll" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\Packet.dll") IfFileExists: file "C:\WINDOWS\system32\Npcap\Packet.dll" does not exist, jumping 396 Delete: "C:\WINDOWS\system32\Npcap\NpcapHelper.exe" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\NpcapHelper.exe") Delete: "C:\WINDOWS\system32\Npcap\WlanHelper.exe" Delete: DeleteFile("C:\WINDOWS\system32\Npcap\WlanHelper.exe") RMDir: "C:\WINDOWS\system32\Npcap" RMDir: RemoveDirectory("C:\WINDOWS\system32\Npcap\") Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\System.dll" (overwriteflag=1) Call: 350 Delete: "C:\Program Files\Npcap\LICENSE" Delete: DeleteFile("C:\Program Files\Npcap\LICENSE") Delete: "C:\Program Files\Npcap\DiagReport.bat" Delete: DeleteFile("C:\Program Files\Npcap\DiagReport.bat") Delete: "C:\Program Files\Npcap\DiagReport.ps1" Delete: DeleteFile("C:\Program Files\Npcap\DiagReport.ps1") Delete: "C:\Program Files\Npcap\FixInstall.bat" Delete: DeleteFile("C:\Program Files\Npcap\FixInstall.bat") Call: 249 Call: 316 Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" (overwriteflag=1) Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" (overwriteflag=1) detailprint: The npcap service for Win7, Win8 and Win10 was successfully deleted Jump: 333 IfFileExists: file "C:\Program Files\Npcap\loopback.ini" does not exist, jumping 675 Call: 399 Jump: 411 Delete: "C:\Program Files\Npcap\npcap.sys" Delete: DeleteFile("C:\Program Files\Npcap\npcap.sys") Delete: "C:\Program Files\Npcap\npcap.inf" Delete: DeleteFile("C:\Program Files\Npcap\npcap.inf") Delete: "C:\Program Files\Npcap\npcap_wfp.inf" Delete: DeleteFile("C:\Program Files\Npcap\npcap_wfp.inf") Delete: "C:\Program Files\Npcap\npcap.cat" Delete: DeleteFile("C:\Program Files\Npcap\npcap.cat") Delete: "C:\WINDOWS\system32\drivers\npcap.sys" Call: 693 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll" (overwriteflag=1) DeleteRegKey: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" DeleteRegKey: "HKEY_LOCAL_MACHINE\Software\Npcap" Delete: "C:\Program Files\Npcap\NPFInstall.exe" Delete: DeleteFile("C:\Program Files\Npcap\NPFInstall.exe") Delete: "C:\Program Files\Npcap\uninstall.exe" Delete: DeleteFile("C:\Program Files\Npcap\Uninstall.exe") Delete: DeleteFile failed("C:\Program Files\Npcap\Uninstall.exe") Delete: "C:\Program Files\Npcap\loopback.ini" RMDir: "C:\Program Files\Npcap" RMDir: RemoveDirectory("C:\Program Files\Npcap\") RMDir: RemoveDirectory failed("C:\Program Files\Npcap\") Jump: 693 Jump: 76 Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\modern-header.bmp") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\nsExec.dll") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\System.dll") RMDir: RemoveDirectory("C:\Users\HARMON~1\AppData\Local\Temp\nslCAB0.tmp\") logging set to 1 Delete: "C:\Program Files\Npcap\uninstall.exe" Delete: DeleteFile("C:\Program Files\Npcap\Uninstall.exe") RMDir: "C:\Program Files\Npcap" RMDir: RemoveDirectory("C:\Program Files\Npcap\") RMDir: RemoveDirectory failed("C:\Program Files\Npcap\") SetFlag: 2=0 Call: 1210 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) No processes using Npcap CreateDirectory: "C:\Program Files\Npcap" (1) Call: 1472 File: overwriteflag=0, allowskipfilesflag=0, name="LICENSE" File: wrote 11784 to "C:\Program Files\Npcap\LICENSE" File: overwriteflag=0, allowskipfilesflag=0, name="DiagReport.bat" File: wrote 1073 to "C:\Program Files\Npcap\DiagReport.bat" File: overwriteflag=0, allowskipfilesflag=0, name="DiagReport.ps1" File: wrote 18078 to "C:\Program Files\Npcap\DiagReport.ps1" File: overwriteflag=0, allowskipfilesflag=0, name="FixInstall.bat" File: wrote 2513 to "C:\Program Files\Npcap\FixInstall.bat" Sleep(100) File: overwriteflag=0, allowskipfilesflag=0, name="Uninstall.exe" File: wrote 1081032 to "C:\Program Files\Npcap\Uninstall.exe" Call: 1907 CreateDirectory: "C:\WINDOWS\system32\Npcap" (1) CreateDirectory: "C:\WINDOWS\system32\Npcap" created Call: 1902 File: overwriteflag=0, allowskipfilesflag=0, name="wpcap.dll" File: wrote 420224 to "C:\WINDOWS\system32\Npcap\wpcap.dll" File: overwriteflag=0, allowskipfilesflag=0, name="Packet.dll" File: wrote 174464 to "C:\WINDOWS\system32\Npcap\Packet.dll" File: overwriteflag=0, allowskipfilesflag=0, name="NpcapHelper.exe" File: wrote 129920 to "C:\WINDOWS\system32\Npcap\NpcapHelper.exe" File: overwriteflag=0, allowskipfilesflag=0, name="WlanHelper.exe" File: wrote 216448 to "C:\WINDOWS\system32\Npcap\WlanHelper.exe" CreateDirectory: "C:\Program Files\Npcap" (1) File: overwriteflag=0, allowskipfilesflag=0, name="NPFInstall.exe" File: wrote 308096 to "C:\Program Files\Npcap\NPFInstall.exe" Call: 1924 DetailPrint: Installing NDIS6 x64 driver for Win10 CreateDirectory: "C:\Program Files\Npcap" (1) File: overwriteflag=0, allowskipfilesflag=0, name="npcap.sys" File: wrote 69984 to "C:\Program Files\Npcap\npcap.sys" File: overwriteflag=0, allowskipfilesflag=0, name="npcap.cat" File: wrote 12824 to "C:\Program Files\Npcap\npcap.cat" File: overwriteflag=0, allowskipfilesflag=0, name="npcap.inf" File: wrote 9003 to "C:\Program Files\Npcap\npcap.inf" File: overwriteflag=0, allowskipfilesflag=0, name="npcap_wfp.inf" File: wrote 2436 to "C:\Program Files\Npcap\npcap_wfp.inf" Jump: 1950 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) Call: 1616 WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Npcap" "AdminOnly"="0x00000000" WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Npcap" "WinPcapCompatible"="0x00000000" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Npcap" ""="C:\Program Files\Npcap" Call: 1918 CreateDirectory: "C:\WINDOWS\system32\Npcap" (1) CreateDirectory: "C:\WINDOWS\system32\Npcap" created Call: 1913 File: overwriteflag=0, allowskipfilesflag=0, name="wpcap.dll" File: wrote 491392 to "C:\WINDOWS\system32\Npcap\wpcap.dll" File: overwriteflag=0, allowskipfilesflag=0, name="Packet.dll" File: wrote 220032 to "C:\WINDOWS\system32\Npcap\Packet.dll" File: overwriteflag=0, allowskipfilesflag=0, name="NpcapHelper.exe" File: wrote 156544 to "C:\WINDOWS\system32\Npcap\NpcapHelper.exe" File: overwriteflag=0, allowskipfilesflag=0, name="WlanHelper.exe" File: wrote 266624 to "C:\WINDOWS\system32\Npcap\WlanHelper.exe" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll" (overwriteflag=1) WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "UninstallString"=""C:\Program Files\Npcap\uninstall.exe"" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "QuietUninstallString"=""C:\Program Files\Npcap\uninstall.exe" /S" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "DisplayIcon"="C:\Program Files\Npcap\uninstall.exe" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "UninstallPath"="C:\Program Files\Npcap" Call: 1534 CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp" (1) SetFlag: 2=0 File: overwriteflag=0, allowskipfilesflag=0, name="0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43.sst" File: wrote 1397 to "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43.sst" Call: 1477 DetailPrint: Removing 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43 from store "Root" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1512 DetailPrint: Adding 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43 to store "Root" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Delete: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\0563b8630d62d75abbc8ab1e4bdfb5a899b24d43.sst" Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43.sst") CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp" (1) SetFlag: 2=0 File: overwriteflag=0, allowskipfilesflag=0, name="5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.sst" File: wrote 1263 to "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.sst" Call: 1477 DetailPrint: Removing 5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25 from store "Root" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1512 DetailPrint: Adding 5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25 to store "Root" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Delete: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25.sst" Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.sst") CreateDirectory: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp" (1) SetFlag: 2=0 File: overwriteflag=0, allowskipfilesflag=0, name="signing.p7b" File: wrote 7347 to "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\signing.p7b" Call: 1499 DetailPrint: Adding signing.p7b to store "TrustedPublisher" Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Delete: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\signing.p7b" Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\signing.p7b") DetailPrint: Clearing Npcap entries from driver store Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) DetailPrint: Installing WFP callout driver Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) DetailPrint: Installing NDIS filter driver Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) DetailPrint: The npcap service was successfully created Jump: 1616 DetailPrint: Writing service options to registry Call: 1625 WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap" "Start"="0x00000001" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "LoopbackSupport"="0x00000001" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "DltNull"="0x00000001" WriteRegStr: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "Edition"="Npcap" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "AdminOnly"="0x00000000" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "Dot11Support"="0x00000000" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "VlanSupport"="0x00000000" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\Parameters" "WinPcapCompatible"="0x00000000" Call: 1684 WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap" "Start"="0x00000001" WriteRegDWORD: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap_wifi" "Start"="0x00000004" Call: 1676 DetailPrint: Starting the npcap driver Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) Jump: 1866 WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "DisplayName"="Npcap" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "DisplayVersion"="1.79" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "Publisher"="Nmap Project" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "URLInfoAbout"="https://npcap.com/" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "URLUpdateInfo"="https://npcap.com/#download" WriteRegStr: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "InstallLocation"="C:\Program Files\Npcap" WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "VersionMajor"="0x00000001" WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "VersionMinor"="0x0000004f" WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "NoModify"="0x00000001" WriteRegDWORD: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NpcapInst" "NoRepair"="0x00000001" Call: 1690 CreateDirectory: "C:\Program Files\Npcap" (1) File: overwriteflag=0, allowskipfilesflag=0, name="CheckStatus.bat" File: wrote 815 to "C:\Program Files\Npcap\CheckStatus.bat" DetailPrint: Creating npcapwatchdog scheduled task Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll" (overwriteflag=1) DetailPrint: Scheduled task created. Jump: 27 Call: 1998 SetFlag: 13=6 File: overwriteflag=1, allowskipfilesflag=0, name="C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\InstallOptions.dll" File: skipped: "C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\InstallOptions.dll" (overwriteflag=1) Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\final.ini") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\InstallOptions.dll") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\modern-header.bmp") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\NPFInstall.exe") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\nsExec.dll") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\options.ini") Delete: DeleteFile("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\System.dll") RMDir: RemoveDirectory("C:\Users\HARMON~1\AppData\Local\Temp\nsxC0AF.tmp\")