Weekend Scripter: Use PowerShell to Hide Processes in Windows


Summary: Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to easily hide processes in Windows.

Microsoft Scripting Guy, Ed Wilson, is here. One of the things I used to have problems with when I was a network administrator, was running scripts on systems without a text box demanding attention from the user. In fact, the power users quickly discovered that if they simply clicked the big X button, they could exempt themselves from my scripts. I soon found out that there was a program I could use to hide the dialogs from the users. It worked, but the program was expensive, and it required a per-user license mode.

I was recently in Amsterdam at the Dutch PowerShell User Group meeting. (They actually had four Windows PowerShell MVPs in attendance, including the Scripting Wife). A question came up from one of the attendees about hiding processes. I was quickly taken back to my time as a net admin. But now with Windows PowerShell, it is easy.

Hiding in plain sight

One of the cool things about Windows PowerShell is that it has a number of built-in cmdlets for working with processes. To find these, I use the Get-Command cmdlet, and look for a Noun of process:

PS C:\> Get-Command -Noun process

CommandType     Name                                               ModuleName

-----------     ----                                               ----------

Cmdlet          Debug-Process                                      Microsoft.PowerShel...

Cmdlet          Get-Process                                        Microsoft.PowerShel...

Cmdlet          Start-Process                                      Microsoft.PowerShel...

Cmdlet          Stop-Process                                       Microsoft.PowerShel...

Cmdlet          Wait-Process                                       Microsoft.PowerShel...

From the list, I can see that the cmdlet I want might be Start-Process. So, I use the Get-Help cmdlet to see if my guess is correct.

Note  In Windows PowerShell 3.0 and later, make sure that you open Windows PowerShell with Admin rights, and use the Update-Help cmdlet to ensure you have access to the latest Help content.

I use the Get-Help cmdlet to look at information about the Start-Process cmdlet. As shown in the following image, I see that a number of switches and parameters are available, and one is the –WindowStyle parameter.

Image of command output

Unfortunately, I am not sure what I can specify for a window style. So I use one of my favorite tricks. I give the parameter a bogus value, and look at the error message that returns. This technique is shown here:

Image of error message

Now, I see that I can use Minimized as a parameter value.

Note  Keep in mind that in Windows PowerShell 4.0, I can use tab expansion to bring up the available options for a parameter.

The command is shown here:

Start-Process notepad -WindowStyle Hidden

No output appears in the Windows PowerShell console. Also, no new icon shows up on the tool bar. There is no indication that the process is running.

I can use the Get-Process cmdlet as shown here to retrieve the process:

Image of command output

Cool, now that I can find the process, I can also terminate the process. To do this, I pipe the returned process object to the Stop-Process cmdlet:

Get-Process notepad | Stop-Process

Neat. Now I can start a process hidden (or use any of the other Windows styles, such as minimized) if I need to do so.

Hope you have a great weekend.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy

Comments (3)

  1. kai says:

    Great thanks for your blog in general. I’ve got already a lot of ideas and solutions from it!

    Incited by your last one, I’ve just written a little script to get all processes and to distinguish between hidden an not hidden processes

    Best greetings

    ————
    Function Main{
    $Processes = Get-Process
    $Processes | Format-Table Handles,WS,VM,Id,ProcessName,
    @{
    Label=”IsBackGroundProcess”
    Expression={Test-IsBackground $_}
    } -AutoSize

    } #Main

    Function Test-IsBackground{
    Param($Process)
    If ($($Process.MainWindowTitle) -eq “”){
    Return $True
    }Else{
    Return $False
    }
    }

    Main

  2. SystematicADM says:

    Neat! To make the window reappear via powershell :

    $sig = ‘[DllImport(“user32.dll”)] public static extern bool ShowWindowAsync(IntPtr hWnd, int nCmdShow);’
    Add-Type -MemberDefinition $sig -name NativeMethods -namespace Win32
    $hwnd = @(Get-Process Notepad)[0].MainWindowHandle
    [Win32.NativeMethods]::ShowWindowAsync($hwnd, 5)

    Reference :
    http://stackoverflow.com/questions/4993926/maximize-window-and-bring-it-in-front-with-powershell
    http://msdn.microsoft.com/en-us/library/windows/desktop/ms633548(v=vs.85).aspx

  3. Mircea says:

    Guys, guys!! You’re making a _HUGE_ confusion here. You’re not hiding the process, only its main window. The process itself is still visible in Task Manager.

Skip to main content