Cxover.A

Threat description

Details

CATEGORYMalware
TYPETrojan

Summary

MSIL/Cxover.A is a prooof-of-concept virus written in Microsoft .NET's Microsoft Intermediate Language (MSIL) that can affect both PCs using Windows OS with .NET runtime installed and Windows Mobile handheld devices supporting .NET.



Removal

Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Cxover.A infects devices over Microsoft's ActiveSync protocol. If the Cxover.A binary is executed on a Windows Mobile device, it looks for the PC over the ActiveSync connection and copies itself to the PC so that it will start automatically at next boot.

If Cxover.A is executed on a Windows PC it will search for any handled devices connected over ActiveSync and copy itself there.

Detection

F-Secure Anti-Virus detects this malware with the following updates:

Detection Type: PC

Database: 2006-03-15_02

F-Secure Mobile Anti-Virus for Windows Mobile detects this malware starting from

Database: update build number 16

Submit a Sample

Suspect a file or URL was wrongly detected?
Send it to our Labs for further analysis

Submit a Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

More Info