I remember how I got into the article that CodeProject had been in relation to the antivirus or antivirus software for a long time, which some guy wrote where he connected to the Windows API to be able to catch whenever a new process started, and suggested to the user that allows you to start the process.
I can no longer find the article and really would like to implement something like this. We currently have a special browser based on Gecko that we have integrated access restrictions to sites based on our internal employee security levels, etc. We prohibit the launch of any other browser using a timer and the call to Process.GetProcessesByName () from the list of browsers that we do not allow.
What we want to do, instead of just blocking these browsers, where there is a slight delay between launching another browser and killing it by our service, we would like to be able to display a dialog box instead of the launch process in general, explaining that the program is not in the allowed the list. Thus, we can create a list of โallowedโ processes and simply block everything else (we have not had any problems installing external applications, but you can never be too careful).
Unfortunately, we donโt do much Windows API programming from C #, so Iโm not sure where to start looking for calls that we need to intercept.
Even a convenient starting point for reading.
source share