i trying to change running processes integrity, as can be changed in Process Hacker:
Process Hacker – Change Integrity ScreenShot
So, like this, but in command line that i need.
I tried Icacls, and chml, and PsExec, but they not capable to do what i wanted to, because, Icacls, like chml –> Example: Setting cmd.exe integrity to Low, is good, but when i launch it as admin, integrity is High, so this is not good for my idea.
My idea is: I have an autohotkey script, that can apply commands, on processes, within a list, Exclude/include, so this will be, a second security layer, after antivirus.
For example: A Ransomware infects the system, my script reacts to it, setting the integrity of unknown exe to Untrusted, reversing autorun registry key values to their default. I think, this is will be a very good protection example, for users who wants to run, hmm, Minecraft.exe in untrusted integrity, because of Log4J exploit. So, i think, i detailed this, as i can. 🙂
