Npcap driver service's registry key is usually in: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npf. In this key, you need to manually create a REG_DWORD value named TimestampMode,
the value can be (in decimal):
0, DEFAULT_TIMESTAMPMODE
1, TIMESTAMPMODE_SYNCHRONIZATION_ON_CPU_WITH_FIXUP
2, TIMESTAMPMODE_QUERYSYSTEMTIME
3, TIMESTAMPMODE_RDTSC (only supported on x86 systems)
99, TIMESTAMPMODE_SYNCHRONIZATION_ON_CPU_NO_FIXUP
If this value doesn't exsit, Npcap will regard TimestampMode as 0.
Don't forget to reboot the driver by net stop npf and net start npf to make this option change take effect.
You can also refer to https://www.wireshark.org/lists/wireshark-users/201008/msg00171.html and https://www.wireshark.org/lists/wireshark-users/201001/msg00125.html for the details about Timestamp Mode.