Virus:Win32/Xpaj is a family of viruses that spread by infecting local files and removable and network drives. The virus attempts to download arbitrary files which may be detected as other trojans.

The virus is capable of infecting executable (EXE), driver (DLL), screen saver (SCR) and system (SYS) files.

In the wild, we have observed this virus distributed via file sharing sites, masquerading as a key generator. It may also arrive on your computer via a drive-by download.

Virus:Win32/Xpaj.B is a polymorphic virus that infects Windows executable files, including EXE, DLL, SCR, and SYS files. It can also spread via removable and network drives.

Virus:Win32/Xpaj.J is a polymorphic, entry point obscuring (EPO -- meaning that when the virus infects the file, the point at which the virus infects the file is obscured, in an attempt to make it more difficult to detect) virus that infects Windows PE files.The virus also attempts to download additional files from remote hosts.

Virus:Win32/Xpaj.gen!A is a polymorphic, entry point obscuring virus that infects Windows PE files. The virus also attempts to download additional files from remote hosts.

Virus:Win32/Xpaj.gen!C is a polymorphic, entry point obscuring (EPO -- meaning that when the virus infects the file, the point at which the virus infects the file is obscured, in an attempt to make it more difficult to detect) virus that infects Windows PE files. It uses virtualized code in order to hide its main code infection routine.