In my research, I discovered the following:
- When using Symantec as a resource, it is difficult to determine which variant is being discussed, which leads to confusion and not being fully aware of possible impact. There are 32 variants of this worm and in most of Symantec's articles, knowledge-base entries, and blog/forum posts, the authors rarely mention the variants that could negatively affect users.
- As well, there aren't many other vendors that can detect and/or remove infections, so it is critical that rare resources be accurately documented (as much as possible, at least).
- I became curious if any other vendor could detect (and/or remove) the worm, but because I didn't know a common name for this worm that the industry was collectively using, it was difficult to find additional details. Finally, I stumbled across this: http://www.symantec.com/connect/blogs/w32changeup-worm-any-other-name, which is the Symantec Blog. It lists several vendor names of the worm. It is highly annoying that I had to visit Symantec's site to find what McAfee named the worm.
I hate researching worms and viruses because there's no real standards that the AV industry follows.