After you install WIRESHARK , you will receive the error “The NPF driver isn’t running” and there is not interface for trace. This is because the NPF service is not runnig by default.
To check the NPF service if running, you can run a command in command prompt (by Administrator)
sc qc npf
The output as below mean that the service will not auto start but manual start
C:\Users\KCYEAP>sc qc npf
[SC] QueryServiceConfig SUCCESSSERVICE_NAME: npf
TYPE : 1 KERNEL_DRIVER
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : system32\drivers\npf.sys
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : NetGroup Packet Filter Driver
DEPENDENCIES :
SERVICE_START_NAME :
So you need to start the service by
sc start npf
For set it to auto run, you can use the command
sc config npf start=auto