diff --git a/kvc/ControllerProcessOperations.cpp b/kvc/ControllerProcessOperations.cpp
index 8134dae..fb542ae 100644
--- a/kvc/ControllerProcessOperations.cpp
+++ b/kvc/ControllerProcessOperations.cpp
@@ -1186,27 +1186,33 @@ bool Controller::GetProcessProtection(DWORD pid) noexcept
 GetConsoleScreenBufferInfo(hConsole, &consoleInfo);
 WORD originalColor = consoleInfo.wAttributes;
- if (protLevel == 0) {
- wprintf(L"[*] PID %d (%s) is not protected\n", pid, processName.c_str());
- } else {
- WORD protectionColor = (protLevel == static_cast(PS_PROTECTED_TYPE::ProtectedLight)) ?
- (FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY) : (FOREGROUND_GREEN | FOREGROUND_INTENSITY);
-
- SetConsoleTextAttribute(hConsole, protectionColor);
- wprintf(L"[*] PID %d (%s) protection: %s-%s (raw: 0x%02x)\n",
- pid, processName.c_str(),
- Utils::GetProtectionLevelAsString(protLevel),
- Utils::GetSignerTypeAsString(signerType),
- currentProtection.value());
- SetConsoleTextAttribute(hConsole, originalColor);
- }
-
- auto dumpability = Utils::CanDumpProcess(pid, processName, protLevel, signerType);
- SetConsoleTextAttribute(hConsole, BACKGROUND_RED | BACKGROUND_GREEN | BACKGROUND_BLUE);
- wprintf(L" Dumpability: %s - %s \n",
- dumpability.CanDump ? L"Yes" : L"No",
- dumpability.Reason.c_str());
- SetConsoleTextAttribute(hConsole, originalColor);
+ if (protLevel == 0) {
+ wprintf(L"[*] PID %d (%s) is not protected\n", pid, processName.c_str());
+ } else {
+ WORD protectionColor;
+ if (signerType == static_cast(PS_PROTECTED_SIGNER::Lsa)) {
+ protectionColor = FOREGROUND_RED | FOREGROUND_INTENSITY;
+ }
+ else if (signerType == static_cast(PS_PROTECTED_SIGNER::WinTcb) ||
+ signerType == static_cast(PS_PROTECTED_SIGNER::WinSystem) ||
+ signerType == static_cast(PS_PROTECTED_SIGNER::Windows)) {
+ protectionColor = FOREGROUND_GREEN | FOREGROUND_INTENSITY;
+ }
+ else if (signerType == static_cast(PS_PROTECTED_SIGNER::Antimalware)) {
+ protectionColor = FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY;
+ }
+ else {
+ protectionColor = FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY;
+ }
+
+ SetConsoleTextAttribute(hConsole, protectionColor);
+ wprintf(L"[*] PID %d (%s) protection: %s-%s (raw: 0x%02x)\n",
+ pid, processName.c_str(),
+ Utils::GetProtectionLevelAsString(protLevel),
+ Utils::GetSignerTypeAsString(signerType),
+ currentProtection.value());
+ SetConsoleTextAttribute(hConsole, originalColor);
+ }
 EndDriverSession(true);
 return true;
diff --git a/kvc/Utils.cpp b/kvc/Utils.cpp
index e68e989..7478e7e 100644
--- a/kvc/Utils.cpp
+++ b/kvc/Utils.cpp
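Review bot: In the new `protectionColor` selection the `Antimalware` branch and the final `else` both assign `FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY`, so the third `else if` costs a comparison without changing the result; either fold it into the default with a comment such as `// Antimalware and unknown signers share yellow` or give antimalware its own attribute if a distinction was intended. The same signer-to-colour table is now maintained a second time in `Utils::GetProcessDisplayColor` (the Utils.cpp hunk below, where Antimalware and the default likewise both yield YELLOW); a single helper in `Utils` that classifies the signer once, with each caller mapping that class to its own colour space (console attributes here, ANSI escapes there), would keep the two tables from drifting apart again. `WORD protectionColor;` is declared without an initialiser and relies on every branch assigning it; `WORD protectionColor{};` or initialising it with the default attribute and only overriding in the branches is safer if another branch is added later. The enclosing `GetProcessProtection` starts before this hunk and its closing lines are outside it.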
@@ -994,20 +994,24 @@ const wchar_t* GetProcessDisplayColor(UCHAR signerType, UCHAR signatureLevel,
 return ProcessColors::BLUE; // Unchecked signatures - blue
 }
- // System processes - green
+ // LSA processes - RED (critical security authority)
+ if (signerType == static_cast(PS_PROTECTED_SIGNER::Lsa)) {
+ return ProcessColors::RED;
+ }
+
+ // System processes - GREEN (kernel/system trust)
 if (signerType == static_cast(PS_PROTECTED_SIGNER::Windows) ||
 signerType == static_cast(PS_PROTECTED_SIGNER::WinTcb) ||
- signerType == static_cast(PS_PROTECTED_SIGNER::WinSystem) ||
- signerType == static_cast(PS_PROTECTED_SIGNER::Lsa)) {
+ signerType == static_cast(PS_PROTECTED_SIGNER::WinSystem)) {
 return ProcessColors::GREEN;
 }
- // Security software - yellow
+ // Security software - YELLOW (antimalware)
 if (signerType == static_cast(PS_PROTECTED_SIGNER::Antimalware)) {
 return ProcessColors::YELLOW;
 }
- // User/third-party processes - yellow
+ // User/third-party processes - YELLOW (default)
 return ProcessColors::YELLOW;
 }
diff --git a/kvc/Utils.h b/kvc/Utils.h
index 6694a9a..6e73a35 100644
--- a/kvc/Utils.h
+++ b/kvc/Utils.h
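Review bot: The new comments `// Security software - YELLOW (antimalware)` and `// User/third-party processes - YELLOW (default)` describe a distinction the code beneath them does not make, since both paths return `ProcessColors::YELLOW`; if the separate Antimalware check is being kept as a placeholder for a future colour, the comment should say so, e.g. `// Antimalware currently shares YELLOW with the default; branch kept so it can be given its own colour`, otherwise the branch can be dropped. The function's opening lines and any Doxygen block above it are outside this hunk; if that block enumerates the returned colours it should now list RED for the Lsa signer.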
@@ -319,13 +319,14 @@ namespace Utils
 /**
 * @brief ANSI color codes for process display
 */
- struct ProcessColors {
- static constexpr const wchar_t* GREEN = L"\033[92m"; ///< System processes
- static constexpr const wchar_t* YELLOW = L"\033[93m"; ///< User processes
- static constexpr const wchar_t* BLUE = L"\033[94m"; ///< Unchecked signatures
- static constexpr const wchar_t* HEADER = L"\033[97;44m"; ///< Table headers
- static constexpr const wchar_t* RESET = L"\033[0m"; ///< Reset color
- };
+ struct ProcessColors {
+ static constexpr const wchar_t* GREEN = L"\033[92m"; ///< System processes (WinTcb, WinSystem, Windows)
+ static constexpr const wchar_t* RED = L"\033[91m"; ///< LSA processes (critical security)
+ static constexpr const wchar_t* YELLOW = L"\033[93m"; ///< User/Antimalware processes
+ static constexpr const wchar_t* BLUE = L"\033[94m"; ///< Unchecked signatures
+ static constexpr const wchar_t* HEADER = L"\033[97;44m"; ///< Table headers
+ static constexpr const wchar_t* RESET = L"\033[0m"; ///< Reset color
+ };
 /**
 * @brief Enables ANSI virtual terminal processing for colored output
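Review bot: The whole `ProcessColors` struct is removed and re-added although only the `RED` member is new and only the `GREEN` and `YELLOW` trailing comments changed; the other lines show no textual difference, so this looks like a re-indentation that turns a three-line change into a fourteen-line one and moves blame off the existing constants. Keeping `BLUE`, `HEADER`, `RESET` and the struct braces untouched would make the real change reviewable at a glance. `RED = L"\033[91m"` is the bright-red SGR code, consistent with the bright variants already used for `GREEN` (92) and `YELLOW` (93). Since the Controller hunk colours the same signer tiers with console attributes rather than these ANSI codes, a note on the struct such as `/// Tier assignment mirrors the signer mapping in Controller::GetProcessProtection` would point a maintainer at the second table.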