When starting Wireshark On a new Windows7 box, getting error
“The NPF driver isn’t running. You may have trouble capturing or listing interfaces”
this error refers to Wincap.
Checking to see if Netgroup PF is installed , open the Computer Management console:
- Start | compmgmt.msc |OK
- system tools > Device Manager
- menu : view | show Hidden Devices
- system tools > Device Manager > Non-Plug and Play Drivers | NetGroup Packet Filter Driver
if not available, then download Wincap from here.
bring up a command prompt (as administrator) :
C:\Windows\system32>sc qc npf
[SC] QueryServiceConfig SUCCESS SERVICE_NAME: npf TYPE : 1 KERNEL_DRIVER START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : system32\drivers\npf.sys LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : NetGroup Packet Filter Driver DEPENDENCIES : SERVICE_START_NAME :
all that was needed was to start it
C:\Windows\system32>sc start npf
and then change it to start automatically
C:\Windows\system32>sc config npf start= auto [SC] ChangeServiceConfig SUCCESS
Big Nose Kates 