Weekend Scripter: Use PowerShell to Hide Processes in Windows

Weekend Scripter: Use PowerShell to Hide Processes in Windows

  • Comments 4
  • Likes

Summary: Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to easily hide processes in Windows.

Microsoft Scripting Guy, Ed Wilson, is here. One of the things I used to have problems with when I was a network administrator, was running scripts on systems without a text box demanding attention from the user. In fact, the power users quickly discovered that if they simply clicked the big X button, they could exempt themselves from my scripts. I soon found out that there was a program I could use to hide the dialogs from the users. It worked, but the program was expensive, and it required a per-user license mode.

I was recently in Amsterdam at the Dutch PowerShell User Group meeting. (They actually had four Windows PowerShell MVPs in attendance, including the Scripting Wife). A question came up from one of the attendees about hiding processes. I was quickly taken back to my time as a net admin. But now with Windows PowerShell, it is easy.

Hiding in plain sight

One of the cool things about Windows PowerShell is that it has a number of built-in cmdlets for working with processes. To find these, I use the Get-Command cmdlet, and look for a Noun of process:

PS C:\> Get-Command -Noun process

CommandType     Name                                               ModuleName

-----------     ----                                               ----------

Cmdlet          Debug-Process                                      Microsoft.PowerShel...

Cmdlet          Get-Process                                        Microsoft.PowerShel...

Cmdlet          Start-Process                                      Microsoft.PowerShel...

Cmdlet          Stop-Process                                       Microsoft.PowerShel...

Cmdlet          Wait-Process                                       Microsoft.PowerShel...

From the list, I can see that the cmdlet I want might be Start-Process. So, I use the Get-Help cmdlet to see if my guess is correct.

Note  In Windows PowerShell 3.0 and later, make sure that you open Windows PowerShell with Admin rights, and use the Update-Help cmdlet to ensure you have access to the latest Help content.

I use the Get-Help cmdlet to look at information about the Start-Process cmdlet. As shown in the following image, I see that a number of switches and parameters are available, and one is the –WindowStyle parameter.

Image of command output

Unfortunately, I am not sure what I can specify for a window style. So I use one of my favorite tricks. I give the parameter a bogus value, and look at the error message that returns. This technique is shown here:

Image of error message

Now, I see that I can use Minimized as a parameter value.

Note  Keep in mind that in Windows PowerShell 4.0, I can use tab expansion to bring up the available options for a parameter.

The command is shown here:

Start-Process notepad -WindowStyle Hidden

No output appears in the Windows PowerShell console. Also, no new icon shows up on the tool bar. There is no indication that the process is running.

I can use the Get-Process cmdlet as shown here to retrieve the process:

Image of command output

Cool, now that I can find the process, I can also terminate the process. To do this, I pipe the returned process object to the Stop-Process cmdlet:

Get-Process notepad | Stop-Process

Neat. Now I can start a process hidden (or use any of the other Windows styles, such as minimized) if I need to do so.

Hope you have a great weekend.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Great thanks for your blog in general. I've got already a lot of ideas and solutions from it!

    Incited by your last one, I've just written a little script to get all processes and to distinguish between hidden an not hidden processes

    Best greetings

    ------------
    Function Main{
    $Processes = Get-Process
    $Processes | Format-Table Handles,WS,VM,Id,ProcessName,
    @{
    Label="IsBackGroundProcess"
    Expression={Test-IsBackground $_}
    } -AutoSize

    } #Main

    Function Test-IsBackground{
    Param($Process)
    If ($($Process.MainWindowTitle) -eq ""){
    Return $True
    }Else{
    Return $False
    }
    }

    Main

  • Neat! To make the window reappear via powershell :

    $sig = '[DllImport("user32.dll")] public static extern bool ShowWindowAsync(IntPtr hWnd, int nCmdShow);'
    Add-Type -MemberDefinition $sig -name NativeMethods -namespace Win32
    $hwnd = @(Get-Process Notepad)[0].MainWindowHandle
    [Win32.NativeMethods]::ShowWindowAsync($hwnd, 5)

    Reference :
    http://stackoverflow.com/questions/4993926/maximize-window-and-bring-it-in-front-with-powershell
    http://msdn.microsoft.com/en-us/library/windows/desktop/ms633548(v=vs.85).aspx

  • Guys, guys!! You're making a _HUGE_ confusion here. You're not hiding the process, only its main window. The process itself is still visible in Task Manager.