cancel
Showing results for 
Search instead for 
Did you mean: 

W32/Xpaj.b Virus

Hello Experts,

Need your help!

W32/Xpaj.b Virus attack has occur ar one of my client site, I already perform on demand scan on pcs,

but whenever ps is connected to network, virus is detected on real time from particular source.

My concern is how to remove the virus from entire network? how to deal with it?

Please Help!

Thank You!

5 Replies

Re: W32/Xpaj.b Virus


kumailesaf wrote:



W32/Xpaj.b Virus attack has occur ar one of my client site, I already perform on demand scan on pcs,


but whenever ps is connected to network, virus is detected on real time from particular source.



My concern is how to remove the virus from entire network? how to deal with it?


This is the official McAfee document: http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=475516

which describes shutting off the System Restore, Updating VSE DAT files, Scanning the system, and Rebuilding the MBR.

Additionally, check for PWS.zbot variants as they may also be on your system. As you stated that when you connect to the network the detection returns, I suspect that the infection is attempting to contact the C&C servers. So, disinfect while disconnected from the network.

Once the system(s) are clean, remember to turn on System Restore services.

Hope this is Helpful.

Ron Metzger

exbrit
Level 21
Report Inappropriate Content
Message 3 of 6

Re: W32/Xpaj.b Virus

Moved to Malware Discussion > Corporate User Assistance as a better spot for it.

---

Peter

Moderator

Re: W32/Xpaj.b Virus

Hello,

I followed the steps mentioned in documents, but still facing the real time attack from particular source & unknown source...

Screenshot is attached for ur reference.AttackSource_AET-MON-008(copy).bmp

please help! 

Re: W32/Xpaj.b Virus

Hello,

I followed the steps mentioned in documents, but still facing the real time attack from particular source & unknown source...

Screenshot is attached for ur reference.please help!

AttackSource_AET-MON-008(copy).bmp

Re: W32/Xpaj.b Virus

Hi

Sorry for the late reply.

Looking at the logs and the date and time of your reply, there is a 13 day opening between your reply and the infection alert.

Are you sure you are still 'infected?'

This particular infection is over 3 years old; I noticed that you are running Windows XP. What is the update level (service packs, security patches, etc.) installed?

Please update all security updates MS has available, then follow up with a complete scan (on all suspected systems).

If still having issues, contact your (your client's) McAfee Support Rep to help with the clean-up.

Let us know how you are doing.

Ron Metzger