I have uploaded a sample of this Backdoor.
Below is a short description:
When it's executed, the malware will create a file named rdihost.dll in %Windir%\System32 folder and it will inject it in explorer.exe process.
It will create an own copy as an archive in %windir% folder, named "photo album.zip"
Then it will connect to an IRC channel on www.fre[blocked]e8.biz and will wait for commands from a malicious attacker. The connection string is "lol lol lol :shadowbot2"
Based on those commands the Security Center and SharedAccess services can be stopped. Also it can download and execute files or it can attack other computers.
There are a few things that I've ommited in order not to spoil the whole fun :)