Per il primo ho trovato questo dal sito di Mc Afee:

"Removal Instructions

All Users:Use specified engine and DAT files for detection.Please Note: On NT/2000 machines, due to the nature in which the DLL component of this trojan is injected into the memory space of LSASS.EXE and EXPLORER.EXE, removal from an infected system is complex. The scan/clean should be performed in Safe Mode. The following steps should be taken:· Reboot the system into Safe Mode (hit the F8 key as soon as the Starting Windows text is displayed, choose Safe Mode, or on WinNT choose VGA mode) · Run VirusScan and choose to clean all infected files · Restart the computer Many share jumping viruses rely on weak usernames/passwords. They attempt to gain administrative rights by using a dictionary-style attack, trying usernames like "admin" or "administrator" and passwords like "admin" or "123456". Beyond such weak usernames/passwords many can use the credentials of the local user. Meaning that if a super-administrator, or domain-admin logs on to an infected system or becomes infected, the virus will have access to all systems within its "reach". Such worms often rely on the presence of default, admin shares. It is a good idea to remove the administrative shares (C$, IPC$, ADMIN$) on all systems to prevent such spreading. A simple batch file containing the following commands may be of help, especially when run from a logon script, or placed in the startup folder. · net share c$ /delete · net share d$ /delete · net share e$ /delete · net share ipc$ /delete · net share admin$ /delete "

Per l'altro non ho trovato niente...è giusto il nome?