If the infection is in a local network, please follow the instructions on this webpage:
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
A dropper available on a web page drops two files in Windows System folder and adds them to the Windows registry:
The first file called Root32.exe is a backdoor and the second one called teekids.exe is the actual worm.
This new variant is functional identical to the previous Lovsan, only the text and the file name have been changed.