Altro che errore , era pieno zeppo di virus , giusto per testare , se poi ti andava in malora il PC mica li aveva creati lui...

EDIT: Mande, puoi postare per intero le descrizioni fornite da Symantec rispetto alle sei minaccie rilevate? A me fa leggere solo l'ultima.

Discovered: March 6, 2002
Updated: February 13, 2007 12:36:04 PM
Also Known As: Exploit-CodeBase, Exploit.CodeBaseExec
Type: Trojan Horse


This exploit was disclosed in at least one security forum. It uses instructions based on XML data source object coding to run files that are stored locally. It does this without warning.

Discovered: September 7, 2004
Updated: February 13, 2007 12:27:11 PM
Also Known As: Trojan.HTML.Crasher [KAV], HTML/CrashIE.B [F-PROT], Trojan:HTML/Crasher [GeCAD]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


Trojan.CrashIE is executed, it will cause Microsoft Internet Explorer to stop responding.

Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects attemps to exploit a weakness in the Internet Explorer CSS parser, which allows an attacker to issue a denial-of-service attack on the target host and possibly allows the attacker to execute arbitrary code.
Additional Information
A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag.

It is reported that Internet Explorer will, under proper circumstances, compute the length of a comment string by subtracting a pointer to the terminator "*/" sequence of a comment from a pointer to the opening sequence "/*" of a comment. The result is used as a boundary check during a memcpy() operation performed on the comment string.

It is reported that if the comment is not closed with a terminator "*/" sequence, the algorithm used to derive the length of the comment string will result in a -2 Unicode string length. The memcpy() function will employ this value as 0xFFFFFFFE, and the size of this copy operation will result in a crash when a memory access violation occurs.

This issue could be exploited by a remote attacker to execute arbitrary code or cause a denial-of-service. The attacker would likely create a malicious HTML page and host it on a site. The attacker would then attempt to entice a user to visit the malicious page to carry out a successful attack. Other attack vectors may also exist, such as HTML email or other system components that support Cascading Style Sheets.

Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects an HTTP URI attempting to exploit the Help and Support Center for Windows XP.
Additional Information
A local Help and Support Center application was introduced with Microsoft Windows XP. It is an extended version of Help Center applications included in previous versions of the operating system. Included in the Help and Support Center application are utilities for troubleshooting hardware issues. One such utility (uplddrvinfo.htm) uses an ActiveX control that may potentially be used for malicious purposes.

Microsoft Internet Explorer on Windows XP comes equipped with a URI handler for the Help and Support Center application. The handler may be invoked through links. When such a link is requested by the browser, the Help and Control Center will load an appropriate page that is stored locally. The browser runs requests to the HCP URI handler with relaxed Security Zone restrictions. The uplddrvinfo.htm file uses an ActiveX control that may be used to delete local files.

Since the ActiveX control accepts file names from the HCP URIs, it is possible for an attacker to abuse this situation via a malicious link. Because the browser runs the HCP request with relaxed restrictions, the user is not prompted when the ActiveX control is executed. However, it has been reported that a window with a "Get Help With Your Hardware Device" dialog is displayed when uplddrvinfo.htm is invoked, and that the utility will follow through with the commands if the user closes this window.

It is confirmed that an attacker may construct a link that will cause specified files to be deleted if it is clicked on by the victim. A number of other files are included in the Help and Support Center application that may also be used by a remote attacker to perform various actions on the client system via a maliciously constructed HCP handler URI.