This is a parasitic 32-bit file infecting virus that infects Windows PE files on the victim machine.
When an infected file is run on the victim machine, the file SVCHOST.EXE (36,352 bytes) is dropped in %WinDir%. The file is set with the system attribute set. On Windows 9x machines, the following Registry key is added to hook system startup:
"PowerManager" = %WinDir%\SVCHOST.EXE
On Windows NT/2000/XP machines, the dropped file is installed as a service, with the following characteristics:
||Manages the power save features of the computer
Once running in memory, the virus periodically attempts to infect PE files on the victim machine.