What is it?
WORM_SASSER.B - AVSERVE2.EXE

What does it do?
This worm exploits the Windows LSASS vulnerability , which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of affected systems. This vulnerability is discussed in detail in the following pages:

• MS04-011_MICROSOFT_WINDOWS
• Microsoft Security Bulletin MS04-011

Upon execution, it drops a copy of itself in the Windows folder as AVSERVE2.EXE.

Removal:
Trend Micro has the full dirt ( HERE )