perhaps it installs "blue pill."
Blue Pill doesn't run under Intel Celeron, older Pentium Dual-Core, or Pentium M processors (which lack the necessary VT technology), so if such a payload were included, it wouldn't load on my test system.
For those who want to test it, here are some ideas on blocking and detecting Blue Pill-like infections:
My only concern was searching for persistent infections.
Only works in 64 bit version of Windows 7 at present.