{"id":76231,"date":"2016-01-15T00:01:00","date_gmt":"2016-01-15T00:01:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/heyscriptingguy\/2016\/01\/15\/working-with-windows-startup-processes-and-powershell\/"},"modified":"2019-02-18T09:20:16","modified_gmt":"2019-02-18T16:20:16","slug":"working-with-windows-startup-processes-and-powershell","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/scripting\/working-with-windows-startup-processes-and-powershell\/","title":{"rendered":"Working with Windows Startup Processes and PowerShell"},"content":{"rendered":"

Summary<\/b>: Ed Wilson, Microsoft Scripting Guy, talks about using Windows PowerShell to examine startup processes in Windows 10.<\/p>\n

Microsoft Scripting Guy, Ed Wilson, is here. This morning I am playing with the Xbox One Smart Glass app on Windows 10. I have used the app since it was in beta, and I just got my Xbox One. But I have started using the Pandora app on my Xbox One, and I like to do stuff like mute advertisements, skip boring songs, change stations, and otherwise control the app.<\/p>\n

Yeah, I can use my Xbox controller, and with a recent firmware update, it does connect faster, and has better battery life, but it is bulky on my workstation. I wanted something better, so I updated the Xbox One Smart Glass app. It works great. It connects fast, and I can do everything I want to do. Here is the screen layout:<\/p>\n

\"Image<\/a><\/p>\n

I click the little remote control icon in the lower-right corner, and it opens an Xbox controller emulator that permits me to completely move around and do what I need to do. When I am done, I close it. Because it connects really fast, I don’t worry about having access to it. I pinned it to my Windows 10 start screen, so it is available. Cool. Some things just work.<\/p>\n

The proliferating startup process problem<\/h2>\n

Some things just work, and then there are some things that seem to remain a pain. Windows startup applications are such a pain point—at least for me. I recently installed a new printer (which did not seem to have a driver, and instead required a quarter-gigabyte monolithic installation, and once installed, immediately required updating…yeah I know, I am a whiner) and a few other things required for work.<\/p>\n

This morning I turned on my laptop, and behold! I was greeted with a notice that said I had so many startup applications that they were killing my poor three-year-old laptop…or words to that effect.<\/p>\n

So I launched Task Manager<\/b>, went to the Startup<\/b> tab, and disabled a bunch of startup applications:<\/p>\n

\"Image<\/a><\/p>\n

Using PowerShell to find startup processes<\/h2>\n

After I had disabled some startup processes via Task Manager<\/b>, I decided to check on some other processes. I used Windows PowerShell to produce a list of startup processes. The command uses the Win32_StartUpCommand<\/b> WMI class. To access this, I use the Get-CimInstance<\/b> cmdlet (gcim<\/b> is an alias):<\/p>\n

gcim win32_startupcommand<\/p>\n

The command and its output are shown here:<\/p>\n

\"Image<\/a><\/p>\n

Hmmm. It looks like some of the processes I disabled are still running. Bummer. But before I throw my poor little laptop across the room and possibly break something (other than my laptop), I decide to use another WMI class to investigate things further.<\/p>\n

This time I use the Win32_Process<\/b> WMI class because it has the CommandLine<\/b> property that will show me what command line is used to start a particular process. I can match that with the Command<\/b> property from Win32_StartupCommand<\/b>. There are a lot of processes running in Windows 10, and I want to filter some. First of all, I look for a command line that contains OneDrive<\/b>:<\/p>\n

gcim win32_process | where commandline -match 'onedrive'<\/p>\n

Well, what about Lync?<\/p>\n

gcim win32_process | where commandline -match 'lync'<\/p>\n

Neither of these appear. So I decide to do a more generic Lenovo query. The output is shown here:<\/p>\n

PS C:\\> gcim win32_process | where commandline -match 'lenovo'<\/p>\n

ProcessId Name                HandleCount WorkingSetSize VirtualSize<\/p>\n

——— —-                ———– ————– ———–<\/p>\n

2660      tphkload.exe        233         5353472        87777280  <\/p>\n

2668      micmute.exe         187         2768896        76730368  <\/p>\n

4032      tpnumlkd.exe        132         2363392        62742528  <\/p>\n

4376      tposd.exe           111         2011136        86228992  <\/p>\n

1288      shtctky.exe         130         1716224        93081600  <\/p>\n

5808      SynLenovoHelper.exe 129         2801664        90853376  <\/p>\n

6992      RAVBg64.exe         264         6230016        119590912 <\/p>\n

It appears that even though some of startup applications are listed, Task Manager<\/b> is effectively disabling the apps. Cool. So sometimes things actually do work.<\/p>\n

That is all there is to using Windows PowerShell to examine startup processes. Join me tomorrow when I will talk about PowerShell Saturday in Tampa<\/a>.<\/p>\n

I invite you to follow me on Twitter<\/a> and Facebook<\/a>. If you have any questions, send email to me at scripter@microsoft.com<\/a>, or post your questions on the Official Scripting Guys Forum<\/a>. See you tomorrow. Until then, peace.<\/p>\n

Ed Wilson, Microsoft Scripting Guy<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"

Summary: Ed Wilson, Microsoft Scripting Guy, talks about using Windows PowerShell to examine startup processes in Windows 10. Microsoft Scripting Guy, Ed Wilson, is here. This morning I am playing with the Xbox One Smart Glass app on Windows 10. I have used the app since it was in beta, and I just got my Xbox […]<\/p>\n","protected":false},"author":596,"featured_media":87096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[385,87,3,45,6],"class_list":["post-76231","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scripting","tag-cim","tag-processes","tag-scripting-guy","tag-windows-powershell","tag-wmi"],"acf":[],"blog_post_summary":"

Summary: Ed Wilson, Microsoft Scripting Guy, talks about using Windows PowerShell to examine startup processes in Windows 10. Microsoft Scripting Guy, Ed Wilson, is here. This morning I am playing with the Xbox One Smart Glass app on Windows 10. I have used the app since it was in beta, and I just got my Xbox […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/76231","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/users\/596"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/comments?post=76231"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/76231\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media\/87096"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media?parent=76231"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/categories?post=76231"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/tags?post=76231"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}