Troj/Sdbot-RV is a Windows Trojan.
The Trojan contains backdoor functions that allows unauthorised remote access to the infected computer via IRC channels while running in the background.
When run Troj/Sdbot-RV copies itself to the Windows system folder as ___synmgr.exe.
The Trojan also creates the following registry entries so that it is able to run on user logon:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft Synchronization Manager
___synmgr.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
Microsoft Synchronization Manager
___synmgr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft Synchronization Manager
___synmgr.exe
Troj/Sdbot-RV will attempt to partake in distributed denial-of-service (DDoS) attacks and download and run files from the internet when instructed to do so by a remote attacker.
The Trojan also tries to terminate and disable various anti-virus and security-related programs.