Adware.Ebuyer

* Registry path

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | e-buyer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ebuyer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ishop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30C4DE80-461B-426C-88D2-BF1A66C6627A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e-Buyer Updater

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION |  ebuyer.exe
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | ebuyerup.exe

* Files path

C\Windows\System32\Tasks\e-Buyer Updater
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.4.4\res.dll
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.4.4\fobkbCag.dll
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.4.4\ebuyerup.exe
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.4.4\ebuyer.exe
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.2.5\res.dll
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.2.5\eemrfpbm.dll
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.2.5\ebuyerup.exe
C\Users\TEST\AppData\Local\ebuyer\ebuyer\1.4.2.5\ebuyer.exe