Virus.Win32.Virut.ce can infect and alter files to be able to execute and spread itself. This Trojan also blocks access to security websites by modifying the Windows Hosts file. It can also inject a malicious iframe on web files such as .HTM, .PHP or .ASP so that when you run them, your browser will be redirected to malicious web sites.
Virus.Win32.Virut.ce is considered as a polymorphic type of virus or Trojan. It targets mostly .EXE and .SCR files on the infected computer. It may also allow a remote attacker to control the PC via backdoor port. To run each time Windows starts, Virus.Win32.Virut.ce injects its code to Windows process winlogon.exe, explorer.exe, and svchost.exe.
It also writes a code to HTML and other web files that cause hidden iFrame to point the browser to unknown domain. This connection is discrete because Virus.Win32.Virut.ce manages to include it in the allowable list of victim’s firewall.
W32.Virut.CF, W32/Virut.n, PE_VIRUX.A-1, W32/Scribble-A, Virus:Win32/Virut.BM