There are programs that are not easy to uninstall. Sometimes you can easily uninstall the said programs only to find out that they left a trail of files in C:\Program Files\ or C:\Program Files (86)\ that you then try to manually delete.
If all goes away and leaves your computer alone, great! You do not need this article. This article is for times when the program just won’t go away and reports that there is another system using it or another user currently running the program. If there is no user that you know of and there are not programs you are aware of that are still running the unwanted application:
- Try to kill the process in the Applications tab of your Windows Task Manager.
- If the problem persists, Check your Services tab of the Windows Task Manager and look for the name of the unwanted application or for anything related to it.
- If the application you are uninstalling had a server component, you will find it in the list of Services. (Hint: Sort the list by Name instead of PID you can at least identify the program by name.)
- Once you find the problematic service. Right mouse click on it to Stop the service and then try to delete the folder or application you had a hard time deleting.
- If that still does not let you remove it, then go ahead and run an elevated command prompt to run sc.exe
- The command sc.exe delete <service name> should help you completely remove or delete the service, where <service name> is the name of the service itself as you see it in the service management console, not of the exe.
- Finally try to delete the folder you were attempting to delete from C:\Program Files\ or wherever you had installed the application.
- If all none of the above solves the problem, there are certainly other methods out here. Let us know what did the trick for you by commenting below. (Pro Tip: Consider bringing in some of the big guns like the Process Explorer from Microsoft’s SysInternals Utilities).
The first time I used these logs is when I was running an audit to figure out whether a specific user has recently accessed my server using Remote Desktop Connection.
In order to identify who has recently had a full session remotely running on your server, you: look at the events located at these two places:
Event Viewer > Application and Service logs > Microsoft > Windows > TerminalServices – Local SessionManager > Operational
Event Viewer > Application and Service logs > Microsoft > Windows > TerminalServices – RemoteConnectionManager > Operational
To have any events logged in here, you have to at least have these things in place:
- You must be running the Windows Feature AppServer (Terminal Services Application Server)
- The specified logs must be enabled.
With these conditions in place, these logs show give you the user names and computer names of all Remote Desktop sessions that have taken place between your computer and other client devices for a certain duration of time. Of course the length of the log depends on the properties you have set for the logs (e.g. Enabled logging, Maximum log size, what to do when maximum event log size is reached, etc.).
Please note that these logs can also be used to diagnose and troubleshoot RDS sessions that disconnect in an apparently random way.
One other place you can check is your Event Viewer > Windows Logs > Security which should have audit log of successful and failed logons if you had activated the “Audit logon events” in Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy snap-in.
Finally, a rather simple way you can go about it is by using the command line as an administrator and typing the following command (more about it at the Windows Command Line reference below):
net user username | findstr /B /C:"Last logon"
Do you know of any other ways to achieve this audit? Please let us know in the comment section.
Some other useful resources include:
You have installed Windows Server 2008 R2, you have installed the application you want to make available to multiple endpoints on your LAN (Local Area Network), and you have even created your Share on the server. Good!
Then comes the time to setup the endpoints or client computers that will consume your application, but there is one problem, Ma’am/Sir! You cannot find the Share on the network. In fact, you cannot even find your server on the network!! What do you do?
You go to your Services on the server and enable the service named Computer Browser. This service is disabled by default. So, turn it on and you are good to go! Go check on the endpoints’ list of network devices on your LAN and you should see your server there. If you do not, please leave a comment here.
Some external help here from the people at Websense:
1.Make sure that Windows Network File Sharing is enabled.
a.Go to Start > Network > Network and Sharing Center.
b.In the Sharing and Discovery section, set File Sharing to On.
2.Go to Control Panel > Administrative Tools > Services.
3.Double-click Computer Browser to open the Properties dialog box.
4.Set the Startup type to Automatic.
6.Click OK to save your changes and close the Services dialog box.
And from the people at Microsoft Technet.
You know how you have some of those users who need a shortcut to log off their session on your server? Well, now you can make them one.
Just create a “log me off.bat” file on the desktop and edit it to contain the following string: shutdown /l
Notice: This is the letter “l” and not the number 1.
When they double click on that, they are out!
Oh, you can also customize the shortcut and change the ugly icon of bat files to something more relevant to the purpose of the code.