March 19, 2013

wireshark can not start capture because npf is not running under windows7.
solution : execute cmd.exe as administrator and type:

sc qc npf
this will display th state of npf. if it’s not running then type
sc start npf
if you want to set auto start type
sc config npf start=auto