Discussion:
Anyone have any experience with Lorez?
(too old to reply)
Russ Vance
2003-08-22 02:23:35 UTC
Permalink
I have a PC w/Win98se and a dual infection of Lorez and Spaces viruses.

I've read both Computer Associates and Symantec's entries, but I'm
curious what others have done to remove this virus.

Spaces doesn't seem to be much of a problem, but Lorez insists on
hanging on to Explorer and some other critical files.

My goal is to disinfect the virus and not have to reload Windows.

I've renamed the infected kernel32.dll in Windows directory
kernel32.bak without any problems.

I have Nortons rescue disk but they didn't do diddly.

I also have IncoculateIT but if I install it on the infected Windows,
the unit won't boot becauses Explorer is damaged and a window pops up
telling me to reinstall Windows. I found this out the hard way when I
did this to a laptop with a Lorez
infection.

Any Ideas would be helpful,
Thanks,
vancera
n***@zilch.com
2003-08-22 11:59:32 UTC
Permalink
Post by Russ Vance
I have a PC w/Win98se and a dual infection of Lorez and Spaces viruses.
I've read both Computer Associates and Symantec's entries, but I'm
curious what others have done to remove this virus.
Spaces doesn't seem to be much of a problem, but Lorez insists on
hanging on to Explorer and some other critical files.
My goal is to disinfect the virus and not have to reload Windows.
I've renamed the infected kernel32.dll in Windows directory
kernel32.bak without any problems.
I have Nortons rescue disk but they didn't do diddly.
I also have IncoculateIT but if I install it on the infected Windows,
the unit won't boot becauses Explorer is damaged and a window pops up
telling me to reinstall Windows. I found this out the hard way when I
did this to a laptop with a Lorez
infection.
No experience but I see F-Prot recognizes different strains of LoRez:

http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=w95.LoRez&product=0

I suggest giving my F-Prot emergency program a try. Create a EBD set
including the special boot disk and two av disks on a clean Win 98 PC.
F-Prot has a very good reputation for handling disinfections.

As you can see from the descriptions, you have other emergency boot
disk work to do as well, for which a normal Win 98 system boot disk is
appropriate.


Art
http://www.epix.net/~artnpeg
Snowsquall
2003-08-22 14:38:45 UTC
Permalink
I have had no experience but try this link:
http://securityresponse.symantec.com/avcenter/venc/data/w95.lorez.html
if that doesn't work google "lorez virus" without the quotes.
Post by Russ Vance
I have a PC w/Win98se and a dual infection of Lorez and Spaces viruses.
I've read both Computer Associates and Symantec's entries, but I'm
curious what others have done to remove this virus.
Spaces doesn't seem to be much of a problem, but Lorez insists on
hanging on to Explorer and some other critical files.
My goal is to disinfect the virus and not have to reload Windows.
I've renamed the infected kernel32.dll in Windows directory
kernel32.bak without any problems.
I have Nortons rescue disk but they didn't do diddly.
I also have IncoculateIT but if I install it on the infected Windows,
the unit won't boot becauses Explorer is damaged and a window pops up
telling me to reinstall Windows. I found this out the hard way when I
did this to a laptop with a Lorez
infection.
Any Ideas would be helpful,
Thanks,
vancera
Loading...