Sasser.D is an Internet worm spreading through the MS04-011 (LSASS) vulnerability.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
More scanning & removal options
More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.
You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.
Eliminating a Local Network Outbreak
If the infection is in a local network, please follow the instructions on this webpage:
To manually disinfect an infected system, first apply the Microsoft patch MS04-011, then use Task Manager to kill the "skynetave.exe" process, then delete the file 'skynetave.exe' from your Windows directory and reboot.
For step-by-step instructions, see Microsoft's site: https://www.microsoft.com/security/incident/sasser.asp#steps
Sasser.D is a variant of Sasser.C. This version starts 128 processes to scan for new vulnerable hosts and sends ICMP ECHO requests before attacking.
For more details, see the description of Sasser.B.