Showing results for 
Show  only  | Search instead for 
Did you mean: 

McAfee Alert on the w32/pift worm

Yesterday, I received an alert from McAfee with a Medium threat level on this new  worm w32/pift worm. There is a mcafee kb article on it. There is an extra.dat as well as an updated stinger.

Now to my question

I have been monitoring the AvertLabs threat advisories website and so far there has been no right up on this worm that i can see.

Been checking the daily dats to see if when it is included and the latest dats 6770 released yesterday has no mention of new virus signatures.

So here is my problem,  I do not deploy extra.dats as a norm unless i have discovered an infection / outbreak..

With nothing up on the McAfee virus library page on this worm and there is nothing in the Dats, how am I and my company going to know what the minimum requirements are for protection on this worm. When will it be included in the normal dats?

Thank you for your input.


8 Replies

Re: McAfee Alert on the w32/pift worm

Ok then, the 6771 dats have now been released and there is no mention of the w32/pift worm. checked the     and it still has nothing on it. Can someone update us or the VIL with some information on this worm? I have upper management breathing down my neck on this.

thank you,


Re: McAfee Alert on the w32/pift worm

Hi, we have gold partner support.  I asked if it is in 6770 and no, for some reason it is highly recommended to apply the extra dat as not in upcoming DATS - no idea why and info is scarce.  I did that as an emergency change as its out of band for us, we just normally do DATs.  running on a few hundred production servers and lots of clients now without issue.  I could not get an answer on how widespread this virus is - if anyone knows that then please post up.

Re: McAfee Alert on the w32/pift worm

We are on the same boat, i.e., only deploy extra.dat when we have a new discovery/outbreak.

Checking DAT 6772 and 6773 no sign of W32/Pift

I might give support a ring to find out what to do........

Any news anyone???

Re: McAfee Alert on the w32/pift worm

Can you tell me how to verify if a virus is covered by a DAT file?

Re: McAfee Alert on the w32/pift worm

go to and check the new detections on the DAT file(s)


Re: McAfee Alert on the w32/pift worm

Thanks redbaron51

Re: McAfee Alert on the w32/pift worm

Have just received this reply from McAfee support:


Currently VSE On demand scanner is detecting this threat but not OAS.

Below is ETA to include in out scanners.

o     McAfee Gateway and Command Line Scanners – available in  6771 DATs

o     VSE On Demand Scanner – available in 6771 DATs

o     VSE On Access Scanner – tentative ETA is July 17, 2012. 

OAS scanner will start detecting it in tomorrow's DAT file.

Currently if you have W32/pift infection then please run the stringer file/ED which will resolve the issue."


Re: McAfee Alert on the w32/pift worm

This information should be put on the website. 

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community