I was wondering if there is a way I could hook the Windows processes to check if any suspicious programs are running (like Wireshark, Fiddler, OllyDBG, etc.).

I want to hook the Windows processes so it will close the client or pop up a message in real time when it detects an unwanted process.

If you guys can provide me with any links to doing this that would be nice.

Thanks!

+1  A: 
Process[] processlist = Process.GetProcesses();

Then walk the list and do as desired for your apps you do not want to run.

Aaron
I want to hook the Windows processes, sort of like hooking a keyboard to have a real-time "key logger".
xZerox
A: 

EnumWindows enumerates all top level windows.

And you don't want to inject a C# DLL into other processes. This requires the .NET runtime to be loaded into that process. This wastes RAM, and if the process is a .NET app using a different version of .NET then there are versioning problems. Especially if your DLL is injected before the process loads its own version of .NET.

And what do you want to achieve by injecting into that process that you can't achieve from the outside?

CodeInChaos
+1  A: 

You can detect process creations by using WMI creation events for Win32_Process. An instance of Win32_Process is created with each process, so looking for new instances will tell you about process creation in (near) real time.

To receive WMI creation events see this page: http://msdn.microsoft.com/en-us/library/system.management.eventquery.aspx (EDIT: different link, now to sample in C#).

Richard
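
The WMI creation-event approach from the answer above, as an added example that is not part of the original post: a watcher on `__InstanceCreationEvent` for `Win32_Process` that reports blocklisted image names as they start. The class name `ProcessWatch` and the three image names are assumptions chosen to match the tools named in the question.

```csharp
using System;
using System.Collections.Generic;
using System.Management; // add a reference to System.Management

static class ProcessWatch
{
    // Assumed image names for the tools named in the question; adjust as needed.
    static readonly HashSet<string> Unwanted =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        { "wireshark.exe", "fiddler.exe", "ollydbg.exe" };

    static void Main()
    {
        // WITHIN 1 makes WMI poll once per second, hence "near" real time:
        // a process that starts and exits between two polls is never reported.
        var query = new WqlEventQuery(
            "__InstanceCreationEvent",
            TimeSpan.FromSeconds(1),
            "TargetInstance ISA 'Win32_Process'");

        using (var watcher = new ManagementEventWatcher(query))
        {
            watcher.EventArrived += OnProcessCreated;
            watcher.Start();
            Console.WriteLine("Watching for new processes; press Enter to stop.");
            Console.ReadLine();
            watcher.Stop();
        }
    }

    static void OnProcessCreated(object sender, EventArrivedEventArgs e)
    {
        // TargetInstance is the Win32_Process instance that was just created.
        using (var proc = (ManagementBaseObject)e.NewEvent["TargetInstance"])
        {
            string name = proc["Name"] as string ?? "";
            if (!Unwanted.Contains(name)) return;

            // ExecutablePath can be null when the watcher lacks access to the process.
            Console.WriteLine("Unwanted process started: {0} (PID {1}, path {2})",
                name, proc["ProcessId"], proc["ExecutablePath"] ?? "n/a");
            // React here: show a message or shut the client down.
        }
    }
}
```

Creation events only cover processes started after the watcher is running, so pair this with a one-time `Process.GetProcesses()` scan at startup. Matching on image name alone is defeated by renaming the executable.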
A: 

You might want to check out EasyHook on CodePlex (http://easyhook.codeplex.com). Here is some discussion where people reportedly have been able to hook into CreateProcess. If you manage to hook into that API function you know of the created process at creation time.

steinar