W32/Xpaj.b Virus attack has occur ar one of my client site, I already perform on demand scan on pcs,
but whenever ps is connected to network, virus is detected on real time from particular source.
My concern is how to remove the virus from entire network? how to deal with it?
This is the official McAfee document: http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=475516
which describes shutting off the System Restore, Updating VSE DAT files, Scanning the system, and Rebuilding the MBR.
Additionally, check for PWS.zbot variants as they may also be on your system. As you stated that when you connect to the network the detection returns, I suspect that the infection is attempting to contact the C&C servers. So, disinfect while disconnected from the network.
Once the system(s) are clean, remember to turn on System Restore services.
Hope this is Helpful.
Moved to Malware Discussion > Corporate User Assistance as a better spot for it.
Sorry for the late reply.
Looking at the logs and the date and time of your reply, there is a 13 day opening between your reply and the infection alert.
Are you sure you are still 'infected?'
This particular infection is over 3 years old; I noticed that you are running Windows XP. What is the update level (service packs, security patches, etc.) installed?
Please update all security updates MS has available, then follow up with a complete scan (on all suspected systems).
If still having issues, contact your (your client's) McAfee Support Rep to help with the clean-up.
Let us know how you are doing.