I am trying to remove Wireshark from my computer, but upon uninstalling, I immediately receive an error message "rawshark.exe could not be removed. Is it in use?" I am having difficulty finding a way to end the rawshark.exe process - no rawshark.exe process shown in task manager.

I am running Windows 7. Thanks in advance.


rawshark.exe is part of the Wireshark install, but isn't normally started unless requested by the user. As it's a command line utility double clicking it from explorer or running it from the command line with parameters just causes an error response and the program exits.

Have you clicked the Task Manager button "Show processes from all users"? Have you tried rebooting and running the uninstall again? I suppose it's possible that some other process is starting rawshark, but it should still show up in Task Mgr if so.

It's possible that rawshark isn't running but some other app has a "lock" on the file, possibly a virus scanner.

I tried the task manager and reboot already, and now looked in the "Show processes from all users", but still no luck. If there were a lock on the file, which is possible (I'm running Norton360), do you have ideas as to how to get it unlocked?

did you try to delete rawshark.exe manually?

If the file is "locked" then you probably won't be able to delete it. I use a utility Unlocker for occasions such as this.

I was able to delete rawshark manually, though received the same error message for another associated .exe file. After deleting all the .exe files in the Wireshark directory, I was able to fully uninstall. Thanks for the help, a bit of a workaround, but the end goal was reached.

Ran into the same problem when trying to install a Wireshark update on Win7.

But manually downloading the update and then running the Wireshark installer using the "Run as administrator" option worked without the need for any other workarounds.

I faced with the same problem. Everything that was needed is to run uninstaller with Admin permissions.

Run the Uninstaller at Admininstrater... it will remove everything

Go to your Startup menu

type in wireshark

click see more results link

Find the downloaded wireshark folder. It will contain an uninstall folder.

Double click this folder and the windows operating system will get you through the rest.

Go throuh these steps from the start and you will be able to delete all folders and captures pertaining to wireshark.

Done Deal

Right click uninstall.exe and select "run as Administrator"

