Welcome to the Virus Encyclopedia of Panda Security.
It is a detection of the script created by the worms Sdbot in order to download themselves to the affected computer via FTP.
|First detected on:||Dec. 15, 2004|
|Detection updated on:||May 16, 2006|
Some variants of the Sdbot worm spread via the Internet by attacking random IP addresses. These variants attempt to exploit several vulnerabilities in Windows operating systems, such as RPC-DCOM, LSASS, etc.
If they succeed in exploiting any of those vulnerabilities, they create and run a script, which downloads the worm via FTP.
Panda products detect this script as W32/Sdbot.ftp.
If your Panda solution detects W32/Sdbot.ftp, it does not necessarily mean that your computer has been affected by a Sdbot worm. It warns users of an attack to their computers.>
Sdbot.ftp is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.