Windows Process Blocker
The Windows application Process Blocker has been designed to provide system administrators and computer technicians with a tool to prevent unauthorized programs from running on systems the tool runs on.
that can be easily distributed on a computer network to prevent unauthorized program starts.
The program is currently in beta stage and has not completed the goal yet but it comes with a functional feature set that makes it interesting for many users.
Update: Process Blocker stable is out, and it ships with a graphical user interface and features that were missing from the beta.
Monitored Windows processes get killed at the moment they are started instead of being blocked outright. A few small scripts can slip through at the moment because of this behavior as it takes some time to recognize a newly launched application and send the kill command to the computer system.
Process Blocker uses a simple text file that is placed in the same installation directory as the main application. This text file lists names of executable files that are not allowed to be launched on a computer system. The program itself is added as a Windows Service to the system which has to be restarted after making changes to the text file.
Update: The most recent version of the application ships with a graphic user interface. Here you can add applications to the block list the program maintains so that they cannot be run by anyone anymore.
If you buy a license, you can define users who are blocked from running those applications, something that the free version of the program does not support.
You find two additional preferences on the settings page.Here you can change the log file location, or the writing to the log file, and whether the program should display tray notifications when programs are blocked from running. Update End
Process Blocker displays a user notification in the Windows System Tray whenever a process has been blocked by the service. A similar application that provides a better user experience is the process manager Process Lasso. The developers of Process Blocker on the other hand are not even halfway through their roadmap, and it appears that development stopped in 2015.
The next step will move the management of processes from the text file to a Group Policy administrative template. Other planned features are killing processes and applications using its crc (in case they get renamed) or full path, recording process errors and information in Windows Event log, allowing users to only run applications from specified folders (e.g. program files and Windows) and changing process killing to process execution prevention.
I am one of authors of Launch Control for Windows. There is a description of the program : http://www.launchctrl.com/technical.html. As you can see any program or library does not work until you allow or add it to rules of Launch Control. I used Process Blocker but I do not like that this tool scans processes list periodically and kills already runned processes. Some program can do not good things until it will be killed. Launch Control uses another technology.
Device driver subscription to process creation and termination events, and then action from there? Yes, this change is coming to Process Lasso’s (https://bitsum.com/) ‘Disallowed Processes’ (supported for decades in this form) soon.
Under Windows XP onwards, the same can be achieved using a local group policy (http://technet.microsoft.com/en-us/library/cc776536.aspx)
No need for any 3rd party services