The Core Technologies Blog

Professional Software for Windows Services / 24×7 Operation

Q&A: How do I Eliminate Errors from my C# Console App Windows Service?

How do I eliminate errors from my C# console app Windows Service?
  For a few years now, our company has been using AlwaysUp to run an internally developed C# console application as a service. The application checks a folder for incoming files and processes anything it finds. It runs every 30 seconds.

The application itself works fine. New files are discovered quickly and we have a system that works reliably 24/7.

The only problem is that we’re seeing hundreds of errors in the activity report:

Activity report: Unable to restart the application

Have you ever had this reported before? Can you recommend some ways to help us avoid the errors?

— Clayton

Hi Clayton. Thanks for supporting our software!

By default, AlwaysUp’s mission is to run your application 24/7 — with no interruptions.

However, your program runs periodically. That’s perfectly fine, but you should make a couple of tweaks to have AlwaysUp tolerate the frequent stops and starts.

Tweak #1: Minimize the logging around expected starts & stops

First, understand that AlwaysUp is a chatty babysitter. 🙂

Whenever the application it’s watching starts or stops, AlwaysUp writes an informative entry to the Windows Event Log.

For example, you will see one of these messages when AlwaysUp starts (or restarts) your C# program:

The application has been started

The application has been restarted (run #number)

And AlwaysUp writes similar entries when the application crashes or stops for any reason.

For customers running applications continuously — like Dropbox, OneDrive or VirtualBox — those messages are helpful. They highlight the rare occasions where the application runs into trouble and needs attention.

But your scenario is different. AlwaysUp launches your application every 30 seconds. As a result, AlwaysUp will inundate your activity log with useless messages.

Fortunately, our team has already designed an easy way to eliminate the spurious log entries. Please:

  1. Edit your application in AlwaysUp

  2. Move to the Restart tab

  3. Check the Minimize event logging as the application starts & stops box:

    Minimize Event Logging
  4. Save your changes.

That adjustment will prevent AlwaysUp from filling up your event logs. Restart your C# application and you will notice that the activity report is much less verbose.

Tweak #2: Make AlwaysUp tolerate “quick exits”

From the detailed logs you sent, each of the three runs completed in less than 1 second. That’s very fast, and the quick turnaround confuses AlwaysUp.

In fact, because your C# application does its work and exits so quickly, AlwaysUp thinks that your application failed to start at all!

And with that conclusion, AlwaysUp immediately runs your program again.

The result is the cycle you see in your logs — the repeated, rapid fire running of your console application.

The solution to the problem is to tell AlwaysUp to not to panic if your application completes quickly. To do so:

  1. Create an empty file called alwaysup-dont-panic-on-quick-exit.txt in your AlwaysUp installation directory (likely C:\Program Files (x86)\AlwaysUp):

    Create the quick-exit file
  2. Restart your application in AlwaysUp.

The presence of that “magic” file signals AlwaysUp to tolerate your application’s speedy exit and avoids the unnecessary restarts.

Best of luck with your C# console application!

Posted in AlwaysUp | Tagged , , | 4 Comments

Essential Windows Services: Security Center / wscsvc

Security Center Service (wscsvc)

What is the Security Center (wscsvc) service?

The Security Center service is an important “watchdog” focused on protecting your computer.

From the service’s description:

 The Security Center service monitors and reports security health settings on the computer.

Those health settings include:

  • Firewall (on/off)

  • Antivirus (on/off/out of date)

  • Antispyware (on/off/out of date)

  • Windows Update (automatically/manually download and install updates)

  • User Account Control (on/off)

  • Internet settings (recommended/not recommended)

In summary, Security Center’s purpose is to let you know when your computer’s defenses are down.

To illustrate how the service works, we turned off the Windows Firewall (which protects your PC from outside attackers). A couple of seconds later, Security Center raised a warning on our desktop, urging us to re-enable the firewall:

Security Center Windows Firewall alert

Technical information

The service’s name is wscsvc. It runs inside the shared services host process, svchost.exe:

wscsvc service

The service’s startup type is Automatic (Delayed Start). As a result, Windows launches the service a couple of minutes after your machine boots.

wscsvc runs in the built-in Local Service account:

wscsvc service: Log On

What happens if I stop Security Center?

Since Security Center safeguards your machine, stopping the service may leave you in the dark about your computer’s defenses. For that reason, Microsoft has made it very difficult for you to stop the Security Center service.

In fact, not even members of the powerful Administrators group can stop (or change) the service! If you open the Services application, you will notice that all the command buttons are disabled:

Security Center: Administrator permissions

In our research, we identified only three obscure, built-in Windows accounts that have enough rights to stop Security Center. Those accounts are DcomLaunch, SecurityHealthService and TrustedInstaller:

Security Center: Special user accounts

Clearly, Microsoft has taken great pains to “lock down” the Security Center service. Best to heed their advice; do not try to stop it.

Is it OK to disable the Security Center service?

Again, because of tight security settings, you will not be able to disable the service from the Services application. And the SC command won’t work either:

Disabling wscsvc with SC

However, if you are hell bent on hobbling the service, you can try hacking the registry. Setting the Start value in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc key to 4 should do the trick. You may have to reboot afterwards.

But don’t be surprised if that fails too. For example, Windows 11 restricts access to the registry key to a few built-in accounts. Not even an administrator can update the registry entry. And as you can see, Windows rebuffed our attempt to change the registry value:

Failed to disable wscsvc

Caveat emptor!

Questions? Problems?

If you would like to know more about the Security Center service — or if you have a specific problem with it — please feel free to get in touch. We will do our best to help you!

Posted in Windows Services | Tagged , , , , | Leave a comment

Q&A: Why can’t AlwaysUp Open the Netman Service?

Why can't AlwaysUp Open the Netman Service?
  Hi Team,

AlwaysUp can start Thunderbird as a Windows Service and it runs without any problems. But I always get the following warnings:

Unable to ensure that networking components are running: Netman: Unable to open the service: Zugriff verweigert. AlwaysUpService will pause for a few seconds and try again.

Unable to ensure that networking components are running: Netman: Unable to open the service: Zugriff verweigert.

(“Zugriff verweigert” means “Access denied” in English.)

Thunderbird is running as a NON-admin-user on this server.

Is there a way to stop these warnings, or should I just ignore them?

— Oliver

Hi Oliver, thanks for reaching out.

It’s your choice how to handle the warnings. You can ignore the messages because they don’t impact Thunderbird. Or with a few small changes, you can eliminate them altogether. Let’s dig into the details.

Why your Thunderbird service generates the “Access denied” warning

Windows reports the “access denied error” whenever someone tries to perform an operation that they are not allowed to. Think of it as Windows saying “no, you can’t do that”.

In your case, the message is reported because the account you have specified on the AlwaysUp Logon tab doesn’t have enough rights to open the Network Connections (Netman) Windows Service.

That is not a surprise. As you mentioned, you are running Thunderbird as a non-administrative user. And typically, only administrators have access to core services like Netman.

We have investigated this situation with other customers before. Each time, we concluded that the warning could be ignored. That’s because Netman — which handles client network configuration — was already running by the time AlwaysUp started.

However, we also have a couple of solutions for you if ignoring the warnings isn’t good enough.

Solution #1: Delay startup instead of checking the network

Since Thunderbird communicates over the network, it’s good to have AlwaysUp confirm that the network is up before it launches the application. If not, Thunderbird could start too soon and fail.

In those situations, we recommend checking the Ensure that the Windows networking components have started box on the Startup tab:

Ensure that the Windows networking components have started

However, when that box is checked, AlwaysUp tries to open the Netman service. And that is precisely what fails in your case!

So let’s think outside the box. Since AlwaysUp cannot directly wait for the network to start, instead let’s delay AlwaysUp to give the networking components enough time to start.

To do that:

  1. Uncheck the Ensure that the Windows networking components have started box on the Startup tab

  2. On the General tab, choose Automatically, but shortly after the computer boots in the Start the application field:

    Start your application shortly after boot
  3. Save your changes.

With that adjustment in place, Windows will start your Thunderbird Windows Service about 2 minutes after your computer boots. Netman (and other critical services) should definitely be running by then.

Solution #2: Grant your non-admin user rights to the Network Connections Windows Service

If delaying Thunderbird at boot is not acceptable, you can take direct action on the Netman service instead. By allowing your non-admin user to check the Netman service, you can avoid the annoying “access denied” message altogether.

To update Netman’s permissions:

  1. Download our free Service Security Editor utility

  2. Start Service Security Editor

  3. Select Network Connections from the drop-down list and click Open:

    Open Network Connections service
  4. In the Service Security Settings window, add the non-admin user and grant them the Read permission (at minimum):

    Update Netman service security settings
  5. Click OK to save your changes.

And now that your non-admin user has permission to check the state of the Network Connections service, you won’t see the warning anymore.

Happy emailing!

Posted in AlwaysUp | Tagged , , , , , , | Leave a comment

Q&A: Why does AlwaysUp Think my Application Stopped?

Why does AlwaysUp Think my Application Stopped?
  Dear AlwaysUp support,

We frequently get the following warning:

AlwaysUpService has detected that the application has stopped.

However, in the logs of our application we can’t see anything pointing to the reason why the application stopped.

Why does AlwaysUp believe our application stopped? What is the criteria for the decision, that an application is considered as stopped?

Our application handles complex tasks. When it’s very busy, it might appear to hang. Could that be a reason for AlwaysUp to say it stopped?

I am pretty sure the process — normally visible in Task Manager — is not stopped, but I’m not 100% sure and I can not prove it. I am wondering if AlwaysUp might close the app by mistake.

— Adrian

Hi Adrian.

Don’t worry! With a little detective work, we should be able to figure out what’s going on.

But first, let’s review how AlwaysUp monitors your application.

How AlwaysUp determines that your application stopped

After AlwaysUp launches your application as a service, it’s primary task is to watch your application and ensure that it’s always running. As such, AlwaysUp performs a battery of tests every few seconds to detect if your application is in trouble.

The most important check involves the state of your application’s process. But what is a process?

When Windows runs your application, it creates a process to track that specific instance of your running application. That process has an identifier (ID) and is visible on the “Details” tab in the Task Manager.

For example, process 9088 was created after we opened Notepad on our desktop:

Task Manager: Notepad Process

And when we quit Notepad, process 9088 exited and disappeared from Task manager’s list.

Basically, a process tracks the lifetime of a running application. And everything running on your computer has at least one underlying process.

With that in mind, let’s return to AlwaysUp.

When AlwaysUp launches your application, Windows creates a process and returns it to AlwaysUp. Going forward, every two seconds, AlwaysUp asks Windows if the process is still alive or not. You can think of it like AlwaysUp opening the Task Manager and checking if the process is still on the list.

So when AlwaysUp says that your application has stopped, it’s because the application’s process is no longer active. In effect, the process has fallen off Task Manager’s list.

Investigate with Process Explorer

Have you ever used Microsoft’s free Process Explorer? It’s an amazing tool that can help you figure out what’s running on your machine — and why. Around here, we call it “Task Manager on steroids”. 🙂

Download Process Explorer and extract the zip file to your hard drive. We’ll need it for the next steps.

Dig into the tree of processes under AlwaysUp

Start Process Explorer. It will show all the applications running on your computer.

The leftmost Process column displays the hierarchical relationships between the processes. For example, if “Process A” started “Process B”, you will see “Process B” as a child of “Process A”. “Process B” will be displayed underneath “Process A”.

Now, let’s roll up our sleeves. If you haven’t already done so, please start your application in AlwaysUp. Afterwards, switch back to Process Explorer.

In the Process column, find AlwaysUpService.exe. That is the part of AlwaysUp that runs your application as a Windows Service. It will be a child of services.exe — the Windows Services Control Manager.

Your application should appear under AlwaysUpService.exe. For example, you can see that parent-child relationship when AlwaysUp is running Microsoft OneDrive as a service:

Process Explorer: AlwaysUp running OneDrive

Does your application appear as a child of AlwaysUpService.exe?

Are other processes displayed in the tree as well?

Is this a “launcher” situation, where the application you provided to AlwaysUp starts another program and exits?

Look for anything unusual that may trick AlwaysUp into thinking that your application has stopped even though it’s still running.

Find out when your application started

If you think that your application hasn’t stopped, you should confirm that hypothesis with Process Explorer. Double-click your application’s entry to bring up the Properties window and look for the Started field.

For example, Process Explorer tells us that AlwaysUp last started OneDrive at 12:21:32 PM on March 27 2022:

Process Explorer: OneDrive start time

If everything is working as expected, the start time should be close to the time reported in the AlwaysUp logs. Please be sure to let us know if the times are different because that would indicate a bug in AlwaysUp.

Best of luck with your application!

Posted in AlwaysUp | Tagged , , , | Leave a comment