Skip to main content
Skip to main content
Microsoft Security Intelligence
Published Nov 29, 2011 | Updated Sep 15, 2017

Virus:Win32/Xpaj

Detected by Microsoft Defender Antivirus

Aliases: Win32/Goblin.D.Gen (ESET) Win32/Goblin.E.Gen (ESET) Virus.Win32.Xpaj.gen (Kaspersky) Virus.Win32.Xpaj.genb (Kaspersky) Virus.Win32.Xpaj.genc (Kaspersky) W32.Xpaj.B (McAfee) Virus.Win32.Xpaj (Ikarus) PE_XPAJ.C (Trend Micro) Mal/Xpaj-B (Sophos)

Summary

Virus:Win32/Xpaj is a family of viruses that spread by infecting local files and removable and network drives. The virus attempts to download arbitrary files which may be detected as other trojans.

The virus is capable of infecting executable (EXE), driver (DLL), screen saver (SCR) and system (SYS) files.

In the wild, we have observed this virus distributed via file sharing sites, masquerading as a key generator. It may also arrive on your computer via a drive-by download.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

Additional remediation steps for Virus:Win32/Xpaj

Virus:Win32/Xpaj may make lasting changes to infected files that will not be restored by detecting and removing this threat. To return an infected computer to its pre-infected state, files infected by Virus:Win32/Xpaj must be restored from backup.

Follow us