djg05
November 30th, 2006, 02:56 PM
I have been playing around with GMER and notice that it has a kill function. Although I have protection enabled in SSM for the processes in question it was able to kill them off without any warning from SSM
The initial warnings from SSM were about loading GMER and another about loading a driver. Both of these were allowed which resulted in the kill going ahead. Stop the driver and it is ineffective.
This means that the 3 musketeers are still vulneralbe to being dumped. I only tried LSASS but assume the other are the same.
The initial warnings from SSM were about loading GMER and another about loading a driver. Both of these were allowed which resulted in the kill going ahead. Stop the driver and it is ineffective.
This means that the 3 musketeers are still vulneralbe to being dumped. I only tried LSASS but assume the other are the same.