We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now


Determine if an app or service is running remotely

Medium Priority
Last Modified: 2012-05-07
I have a venders server that has to applications running. One is a service and the 2nd is an application.  The problem is that 1 or both keep dying. They both have internal schedulers that cause them to wake up and create files and/or records as specific times during the day.  What I want to do is remotely query the system to determine is the agents are running, either via snmp or something else that would give me an indicating that the app/service is running.

Watch Question

Does the service in question have open ports?  Maybe a port scan if you simply just need to determine if the port is open.

Splunk has options to monitor services and such things locally and be accessible remotely.  Thats an avenue to explore anyhow.

pslist list the processes on computer
psservices list the services on computer
this can also be a remote computer.
these two tools are part of the pstools that can be downloaded from microsoft.
Make a simple batch file monitoring the process and service
pslist \\remotecomputer ProcessYouWantToSee
psservice \\remotecomputer query ServiceYouWantToSee
adapt the name to your needs. A user and password can also be given it that's needed.
Missed the fact this is posted in the VB forum. My mistake!

I have done monitoring of services in VB6 with the use of api's. Do you want to use VB6 or are you using something else of VB?

'go remote
Private Declare Function OpenSCManager Lib "advapi32.dll" Alias _
    "OpenSCManagerA" (ByVal lpMachineName As String, _
    ByVal lpDatabaseName As String, ByVal dwDesiredAccess As Long) As Long
'monitor services
Private Declare Function EnumServicesStatus Lib "advapi32.dll" Alias _
    "EnumServicesStatusA" (ByVal hSCManager As Long, _
    ByVal dwServiceType As Long, ByVal dwServiceState As Long, _
    lpServices As Any, ByVal cbBufSize As Long, pcbBytesNeeded As Long, _
    lpServicesReturned As Long, lpResumeHandle As Long) As Long


Do you have an example using the API(s) ?  The PsList looked promising as well, but I am running into a problem where I don't belong to the same domain as the vendors system. But I can build a system that belongs if I need to.



if the system is running in another domain then I would recommand trying with pslist and psservice.
In my case it was always in the same domain and with an user that had the necessary rights on the other system.

You can pass a user with pslist in the form of domain\username.
That way you don't need to belong to the domain.
Are you planning to using VB6 or VB.net or something else?


vb6 would be the first choice.


do you have an example using pslist and a domain\username, shouln't it look something like this:

pslist \\xxx.xxx.xxx.xxx  -uDomain\ID -pPW

Yes this is one way to use it
instead of ip-address you may place hostname, but since it's in another domain you should better choose ip-address
You can add a processname if you only want to see this specific process and not all the processes running.

the code below is only for a user that has access, so something will be needed extra to make it work for an other username.
' Return information on Windows NT services
' it returns an array of Variants, where
'   arrInfo(n, 0) is the service name (string)
'   arrInfo(n, 1) is the service display name (string)
'   arrInfo(n, 2) is the activation state of the service (enumerated)
'   arrInfo(n, 3) is the set of commands accepted by the service (enumerated)
' returns True if successful, False otherwise
' if any error, call Err.LastDLLError for more information
Function GetServicesInfo(arrInfo() As String, Optional BeginsWith As String) As Boolean
    Dim hSCM As Long
    Dim buffer As String * 256
    Dim bytesNeeded As Long
    Dim numberOfServices As Long
    Dim handleNext As Long
    Dim res As Long
    Dim ndx As Long, i As Long
    ' open the connection to Service Control Manager, exit if error
    'hSCM = OpenSCManager(vbNullString, vbNullString, _
    hSCM = OpenSCManager(WorkStation, vbNullString, _
    If hSCM = 0 Then Exit Function
    ' get buffer size in bytes, but without passing a buffer
    handleNext = 0
    EnumServicesStatus hSCM, SERVICE_WIN32, SERVICE_ALL, ByVal 0&, 0, _
        bytesNeeded, 0, handleNext
    ' we expect a MORE_DATA error
    If Err.LastDllError <> ERROR_MORE_DATA Then GoTo CleanUp
    ' evaluate the number of services
    ' original line: numberOfServices = bytesNeeded / 36
    ' patch proposed by Klaus Pater to make this routine compatible with
    ' WinNT/2000 workstation
    numberOfServices = bytesNeeded / 36 + 1
    ' Redimension the array to receive info on the services
    ReDim servicesinfo(1 To numberOfServices) As ENUM_SERVICE_STATUS
    ' do the call again, this time passing the actual buffer
    handleNext = 0
    res = EnumServicesStatus(hSCM, SERVICE_WIN32, SERVICE_ALL, servicesinfo(1), _
        Len(servicesinfo(1)) * numberOfServices, bytesNeeded, numberOfServices, _
    ' error if previous function returns zero
    If res = 0 Then GoTo CleanUp
    ' fill the result array
    ReDim arrInfo(1 To numberOfServices, 0 To 3)
    For ndx = 1 To numberOfServices
        ' move service name into buffer and then to the array
        lstrcpy ByVal buffer, ByVal servicesinfo(ndx).lpServiceName
        arrInfo(ndx, 0) = Left$(buffer, InStr(buffer, vbNullChar) - 1)
        ' move service display name into buffer and then to the array
        lstrcpy ByVal buffer, ByVal servicesinfo(ndx).lpDisplayName
        arrInfo(ndx, 1) = Left$(buffer, InStr(buffer, vbNullChar) - 1)
        ' move activation state and accepted commands into result array
        arrInfo(ndx, 2) = servicesinfo(ndx).ServiceStatus.dwCurrentState
        arrInfo(ndx, 3) = servicesinfo(ndx).ServiceStatus.dwControlsAccepted
    'Filter services and keep only service which begins with ...
    If BeginsWith <> "" Then
        Dim iteller As Integer
        Dim iTemp As Integer
        Dim iTs As Integer
        Dim TempArray() As String
        iTemp = 0
        iteller = 1
        ReDim TempArray(UBound(arrInfo), 3)
        Do While UBound(arrInfo, 1) >= iteller
            If InStr(1, arrInfo(iteller, 1), BeginsWith) > 0 Then
                iTs = 0
                Do While UBound(arrInfo, 2) >= iTs
                    TempArray(iTemp, iTs) = arrInfo(iteller, iTs)
                    iTs = iTs + 1
                iTemp = iTemp + 1
            End If
            iteller = iteller + 1
        arrInfo = TempArray
    End If
    ' return success
    GetServicesInfo = True
    ' close the SCM
    CloseServiceHandle hSCM
End Function
Public Function ServiceStatus(ComputerName As String, ServiceName As String) As String
    Dim ServiceStat As SERVICE_STATUS
    Dim hSManager As Long
    Dim hService As Long
    Dim hServiceStatus As Long
    ServiceStatus = ""
    If hSManager <> 0 Then
        hService = OpenService(hSManager, ServiceName, SERVICE_ALL_ACCESS)
        If hService <> 0 Then
            hServiceStatus = QueryServiceStatus(hService, ServiceStat)
            If hServiceStatus <> 0 Then
                Select Case ServiceStat.dwCurrentState
                Case SERVICE_STOPPED
                    ServiceStatus = "Stopped"
                Case SERVICE_START_PENDING
                    ServiceStatus = "Start Pending"
                Case SERVICE_STOP_PENDING
                    ServiceStatus = "Stop Pending"
                Case SERVICE_RUNNING
                    ServiceStatus = "Running"
                    ServiceStatus = "Coninue Pending"
                Case SERVICE_PAUSE_PENDING
                    ServiceStatus = "Pause Pending"
                Case SERVICE_PAUSED
                    ServiceStatus = "Paused"
                End Select
            End If
            CloseServiceHandle hService
        End If
        CloseServiceHandle hSManager
    End If
End Function

Open in new window


I chased down all the constants, and I can get it to work on the local system, but not on any remote systems.  Is there a trick to get it to query a remote system ?

   hSCM = OpenSCManager(WorkStation, vbNullString, _

Workstation should contain your hostname of the remote computer. On what OS is your and the remote system running.


I made sure the firewall was off, tried computername as ip and "full computer name".
Enabled "file sharing" on remote system and logged in via windows explorer.

but OpenSCManager still returns 0

Remote system is 'XP'

Do you have administrative rights on the remote system?


I have an account that matches the one on the system I am developing on. I can surf to its shares and change files. And that account is a member of the Admin group.


I tried it out an no special right are needed when you are in the same domain (tried between two Win XP computers)
From the moment psservice \\computername (without passing user) returns the services you should be able to use the above code to return the services and their state. There is no need to adjust the windows firewall or to disable it.
Are your testcomputers within the same domain?


Neither system belongs to a domain.  Just stand alone XP systems on the same subnet.
I can Ping, file-transfer, browse ...


I posted a request for attention, I still have no solution for this problem.


Are you able to use pslist and psservices with success on the remote system?
If yes we will have to take a look at the OpenSCManager command since your are able to use it locally. Maybe you can post the code that you have for so far.


D:\SoftWare\PsTools>pslist \\xxx.xxx.xxx.101 -uanalyst -p
pslist v1.28 - Sysinternals PsList
Copyright  2000-2004 Mark Russinovich

Failed to take process snapshot on xxx.xxx.xxx.101.
Make sure that the Remote Registry service is running on the
you havefirewall ports allow RPC access, and your account h
ollowing key on the remote system:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Perflib


1.) The remote registry is running.
2.) This account does have privilages to ...\Perfib

Is the account specified correctly ? do I need to specify the account on that machine ? ie:
pslist \\xxx.xxx.xxx.101 -u\\xxx.xxx.xxx.101\analyst -p (This failed as well !)


Can you tell me exactly what port needs to open for this happen ?
Is it the RPC ??
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview


Still fails, but thank you for the syntax on the command.

How can I test to see if the RPC port is open ?


If I telnet to port 135 on ...101,  I pop up in a telnet session (blank screen) indicating that RPC to that system is not blocked and responding.  Right ?


Got it,
"Use Simple File Sharing" must not be enabled !

I can now query all the machines in my office.
Except for the machines on the remote domain(s).


I got pstools to work, thanks
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.