Recently, I saw an exam system that monitors running processes. As soon as prohibited software such as Communicator.exe is found, the process is immediately killed and reported to the server. I looked into it a little, and this feature is actually quite simple to implement: use ManagementObjectSearcher to get the list of processes as a collection, then apply your own logic to it.
Here's an example: get a list of processes, create a list of "banned" processes, then find and kill them. Note that you need to add a reference to System.Management in your project first.
using System;
using System.Management;

namespace ConsoleApplication3
{
    class Program
    {
        static void Main(string[] args)
        {
            // Show Process List
            Console.WriteLine("===========Process List===========");
            ManagementObjectCollection objects = new ManagementObjectSearcher("SELECT * FROM Win32_Process").Get();
            foreach (ManagementObject item in objects)
            {
                Console.WriteLine(item["Name"].ToString());
            }

            // Create Ban List
            Console.WriteLine("===========Ban List===========");
            string lst = "Communicator.exe,POWERPNT.exe,notepad.exe";
            string[] bannedProc = lst.Split(',');
            foreach (string s in bannedProc)
            {
                Console.WriteLine(s);
            }

            // Search and Destroy
            Console.WriteLine("===========Search and Destroy===========");
            Console.WriteLine("Searching for banned process...");
            int count = 0;
            foreach (string item in bannedProc)
            {
                if (DetectProcess(item))
                {
                    count++;
                    Console.WriteLine("Process [{0}] Detected!", item);
                    Console.WriteLine("[{0}] was killed {1}.", item, KillProcess(item) ? "Successfully" : "Unsuccessfully");
                }
            }
            Console.WriteLine("Done, {0} banned process found", count);
        }

        // Returns true if any running process has the given image name (case-insensitive).
        protected static bool DetectProcess(string pProcessName)
        {
            ManagementObjectCollection objects = new ManagementObjectSearcher("SELECT * FROM Win32_Process").Get();
            foreach (ManagementObject item in objects)
            {
                string str = item["Name"].ToString();
                if (string.Equals(str.Trim(), pProcessName.Trim(), StringComparison.OrdinalIgnoreCase))
                {
                    return true;
                }
            }
            return false;
        }

        // Terminates every process with the given image name.
        // Returns true only if at least one was found and each Terminate call reported success (0).
        public static bool KillProcess(string pProcessName)
        {
            bool found = false;
            bool allKilled = true;
            ManagementObjectCollection objects = new ManagementObjectSearcher("SELECT * FROM Win32_Process").Get();
            foreach (ManagementObject item in objects)
            {
                string str = item["Name"].ToString();
                if (string.Equals(str.Trim(), pProcessName.Trim(), StringComparison.OrdinalIgnoreCase))
                {
                    found = true;
                    // Terminate takes one argument: the exit code (Reason) for the process.
                    string[] args = new string[] { "0" };
                    object result = item.InvokeMethod("Terminate", args);
                    if (Convert.ToUInt32(result) != 0)
                    {
                        allKilled = false;
                    }
                }
            }
            return found && allKilled;
        }
    }
}
Here's what it looks like:
Anduin
Digging up an old post in 2019.
Not a clean solution. Get the computer, start with a rename: ****.exe -> explorer.exe
and you dodge it.
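DetectProcess compares only Win32_Process.Name, which follows the file name on disk, so the rename described in the comment above is not seen by it. The following is an added example, not code from the original post, that also checks the OriginalFilename stored in the executable's version resource, read through ExecutablePath; the class name RenameAwareScan and the .mui handling are this example's own choices.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Management;

class RenameAwareScan   // hypothetical name, not from the post
{
    // Same ban list as the post, compared case-insensitively.
    static readonly HashSet<string> Banned = new HashSet<string>(
        new[] { "Communicator.exe", "POWERPNT.exe", "notepad.exe" },
        StringComparer.OrdinalIgnoreCase);

    // Name recorded in the file's version resource, or null if unavailable.
    static string OriginalName(string path)
    {
        if (string.IsNullOrEmpty(path)) return null;   // path not visible to this user
        try
        {
            string n = FileVersionInfo.GetVersionInfo(path).OriginalFilename;
            if (string.IsNullOrEmpty(n)) return null;  // no version resource
            // Some system binaries report the name of their .mui resource file.
            return n.EndsWith(".mui", StringComparison.OrdinalIgnoreCase)
                ? n.Substring(0, n.Length - 4) : n;
        }
        catch (IOException) { return null; }           // file moved or deleted
    }

    static void Main()
    {
        string wql = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
        using (var searcher = new ManagementObjectSearcher(wql))
        using (ManagementObjectCollection procs = searcher.Get())
        {
            foreach (ManagementObject p in procs)
            {
                string name = p["Name"] as string ?? "";
                string orig = OriginalName(p["ExecutablePath"] as string);
                bool byName = Banned.Contains(name);
                bool byOrig = orig != null && Banned.Contains(orig);
                if (!byName && !byOrig) continue;
                // Flag the case the name-only check misses.
                string note = byOrig && !byName ? " (renamed from " + orig + ")" : "";
                Console.WriteLine("PID {0}: {1}{2}", p["ProcessId"], name, note);
            }
        }
    }
}
```

The version resource is itself editable metadata, so a match is a useful signal but a missing match proves nothing; a file hash or Authenticode signer check on ExecutablePath is the stricter identifier.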