Redplut is a virus. Once executed, it installs itself to the system and attempts to reboot a computer. Then Redplut copies itself to local RAR and Zip archives and infects files of installed frequently used software including Internet Explorer, Mozilla Firefox, WinAmp, Windows Media Player, the Task Manager, etc. The virus also attempts to create unprotected network shares and spread the infection through them. Redplut runs telnet and mail servers, the Task Scheduler, the Messenger and the Remote Registry services. This is made in order to lower overall system security and allow remote attackers to access the compromised computer.
gcc.exelcc.exemsdef.exenotepad.exeservices.exesetup32i.exe
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunPluto! pagerHKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunsystem handlerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunPluto! pagerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunsystem handler