It looks very close to the W32.Changeup article update that Symantec released yesterday:
https://www-secure.symantec.com/connect/pt-br/blogs/w32changeup-malicious-gift-keeps-giving
The worm itself is old, but a new variant has kicked up the detections again. Symantec just modified existing signatures, whereas McAfee added variant label to their signatures.