In previous post, my colleague talked about new approach to inject virus codes into other typical processes as a approach to bypass firewall s detection. by way of the continuous investigation of ZeroAccess, we discovered there re a couple of improvements for this series of anti-detection and anti-debug methods. And what s most interesting is ZeroAccess seems to quite like lsass.exe. It frequently
See More..