Is there a way to monitor processes starting in the system before they start?
Example:
On programs like ZoneAlarm or Antivirus programs, when you run a program i
You can find out when processes start by using a real-time ETW consumer - however, to be able to take some action that could possibly cancel the process from starting, you'll have to do something shady / undocumented, like hooking CreateProcess, or using a kernel filter driver to block reads to the EXE.
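A real-time ETW consumer of the kind the answer mentions, as an added example that is not part of the original answer. It assumes the Microsoft.Diagnostics.Tracing.TraceEvent NuGet package, Windows 8 or later, and an elevated prompt; the session name is made up for the example.

```csharp
using System;
using Microsoft.Diagnostics.Tracing.Parsers;
using Microsoft.Diagnostics.Tracing.Parsers.Kernel;
using Microsoft.Diagnostics.Tracing.Session;

static class ProcessStartMonitor
{
    // Hypothetical session name chosen for this example.
    const string SessionName = "ExampleProcessStartMonitor";

    static int Main()
    {
        // The kernel provider can only be enabled from an elevated process.
        if (TraceEventSession.IsElevated() != true)
        {
            Console.Error.WriteLine("Run elevated to enable the kernel process provider.");
            return 1;
        }

        using (var session = new TraceEventSession(SessionName))
        {
            // ETW sessions outlive the process that created them unless stopped,
            // so stop the session explicitly on Ctrl+C.
            Console.CancelKeyPress += (sender, e) => { e.Cancel = true; session.Stop(); };

            // Subscribe to kernel process events only (start/stop), nothing else.
            session.EnableKernelProvider(KernelTraceEventParser.Keywords.Process);
            session.Source.Kernel.ProcessStart += OnProcessStart;

            // Blocks and dispatches events until the session is stopped.
            session.Source.Process();
        }
        return 0;
    }

    // Called after the kernel has already created the process: this consumer
    // can log or alert on the start, but it has no way to veto it.
    static void OnProcessStart(ProcessTraceData data)
    {
        Console.WriteLine("{0:o} pid={1} ppid={2} image={3} cmdline={4}",
            data.TimeStamp, data.ProcessID, data.ParentID,
            data.ImageFileName, data.CommandLine);
    }
}
```

The parent PID and command line in each event are the fields most often used for detection rules; blocking the launch still needs one of the other mechanisms the answer lists.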