Troj/Agent-GPE is a Trojan for the Windows platform.
When Troj/Agent-GPE is installed it creates the file <Windows>\Web\default.htt.
Troj/Agent-GPE changes settings for Microsoft Internet Explorer by modifying values under:
HKCU\Software\Microsoft\Internet Explorer\Main\Search Bar
HKCU\Software\Microsoft\Internet Explorer\Main\Search Page
HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page
The following registry entries are set, affecting internet security:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1208
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
2500
3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
1208
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
2500
3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1208
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
2500
3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
1208
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
2500
3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1208
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
2500
3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1201
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1804
1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
1201
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1201
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1804
1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
1201
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1200
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1201
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1608
0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1804
1
The following registry entries are set, disabling system software:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
DisableRegistryTools
1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
DisableTaskMgr
1
Registry entries are set as follows:
HKCU\Software\Microsoft\Internet Explorer\Main
Enable Browser Extensions
yes
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
EnableBalloonTips
1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
EnableBalloonTips
1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoControlPanel
1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoWindowsUpdate
1
Registry entries are created under:
HKCR\.shtml