[ DetectionInfo ]
    * Sandbox name: W32/NetworkWorm
    * Signature name: NO_VIRUS

 [ General information ]
    * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)
**.
    * File might be compressed.
    * File length:       114176 bytes.
    * MD5 hash: 8cbdcba146b9c46088091f58219f3364.

 [ Changes to filesystem ]
    * Creates file C:\WINDOWS\SYSTEM32\RAVMOND.exe.
    * Creates file C:\bak.RAR.
    * Creates file N:\pass.ZIP.
    * Creates file N:\\Adobe Photoshop6.0.zip.exe.

 [ Changes to system settings ]
    * Modifies profile key "run"="RAVMOND.exe" in section [WINDOWS] of file C:\WINDOWS\win.ini.

 [ Network ]
    * Enumerates network (MPR).

 [ Spreading through LAN/WAN ]
    * Worm spreading over a network connection.

 [ Process/window information ]
    * Creates an event called Anti_virus_v99.

 [ Signature Scanning ]
    * C:\WINDOWS\SYSTEM32\RAVMOND.exe (114176 bytes) : Lovgate.AR@mm.
    * C:\bak.RAR (114290 bytes) : no signature detection.