Sasser.E is easy to recognize, as it restarts Windows XP/2000 computers when it attempts to affect them by exploiting the LSASS vulnerability. When this action is carried out, Sasser.E displays the following message on screen:
In addition, once Sasser.E has been run, it displays the following message on screen every two hours:
1. Your computer is affected by the MS04-011 vulnerability
2. It can be that dangerous computer viruses similar
the Blaster worm infect your computer.
3. Please update your computer with the MS04-011 LSASS patch
from the www.microsoft.com website.
4. This is an message from the SkyNet Team for
malicious activity prevention.