C# – Kill Process (FTK Imager)

First, the current application process is discovered and then the MainWindowHandle (console window) for this process is hidden using ShowWindow(handle, 0).

        static void HideApplication()
            static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
            IntPtr handle = Process.GetCurrentProcess().MainWindowHandle;
            ShowWindow(handle, 0);

The process name “FTK Imager” is used to kill the running process FTK Imager.

Additional processes can be killed by adding to the code below.

        static void KillProcess()
            while (true)
                Process.GetProcesses().ToList().ForEach(process =>
                    if (process.ProcessName.Equals("FTK Imager"))

Note that a digital forensics expert can simply change the name of the FTK Imager executable.



Please enter your comment!
Please enter your name here

- Advertisement -spot_img

Latest article