MSIL/Cxover.A is a prooof-of-concept virus written in Microsoft .NET's Microsoft Intermediate Language (MSIL) that can affect both PCs using Windows OS with .NET runtime installed and Windows Mobile handheld devices supporting .NET.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Detailed instructions for F-Secure security products are available in the documentation found in the Downloads section of our Home - Global site.
You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.
Cxover.A infects devices over Microsoft's ActiveSync protocol. If the Cxover.A binary is executed on a Windows Mobile device, it looks for the PC over the ActiveSync connection and copies itself to the PC so that it will start automatically at next boot.
If Cxover.A is executed on a Windows PC it will search for any handled devices connected over ActiveSync and copy itself there.
F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
F-Secure Mobile Anti-Virus for Windows Mobile detects this malware starting from
Database: update build number 16