W32/Vanebot-AW is a worm and IRC Backdoor for the Windows platform.

W32/Vanebot-AW runs continuously in the background, providing a backdoor server that allows a remote intruder to gain access and control over the computer via IRC channels.

W32/Vanebot-AW spreads:


- to computers vulnerable to common exploits, including: LSASS (MS04-011), SRVSVC (MS06-040), RPC-DCOM (MS04-012) and PNP (MS05-039)
- to network shares

More information can be found at this Sophos page.