sandevsingh - You want to use '!SSLv3:AES-GCM:RC4-SHA'
First, SSLv3 is only disabled *BY DEFAULT*. If you change the cipher string, it may no longer be disabled - and, in fact, in this case if you just used 'AES-GCM:RC4-SHA' you would re-enable it as RC4-SHA exists in SSLv3. So you'd end up enabling RC4-SHA for *all* protocols that have it, including SSLv3. Since you're replacing the cipher string you need to be careful about what gets re-enabled. You can check it with "tmm --clientciphers '!SSLv3:AES-GCM:RC4-SHA'" vs. "tmm --clientciphers 'AES-GCM:RC4-SHA'"
As for the negation, it only applies to SSLv3. The '!' only applies to one term, not the whole string. !SSLv3:AES-GCM:RC4-SHA means HARD DISABLE SSLv3, ENABLE AES-GCM, and ENABLE RC4-SHA. So what you're left with are AES-GCM & RC4-SHA enabled for TLS. No other ciphers are enabled - so all CBC-mode ciphers are implicitly disabled. You're just enabling the non-CBC ciphers and leaving the rest out.