() C:\Program Files\eDealsPop\eDealsPop.exe
C:\Program Files\eDealsPop
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
C:\ProgramData\WindowsMangerProtect
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
C:\ProgramData\IePluginServices
() C:\Program Files\SupTab\HpUI.exe
() C:\Program Files\SupTab\Loader32.exe
C:\Program Files\SupTab
HKLM\...\Run: [eDealsPop] => C:\Program Files\eDealsPop\eDealsPop.exe [7168 2014-07-17] ()
HKU\S-1-5-21-1474852453-2707816283-4033093493-1000\...\MountPoints2: {244a42e0-08b7-11e2-b972-001c25477ceb} - H:\AutoRun.exe
HKU\S-1-5-21-1474852453-2707816283-4033093493-1000\...\MountPoints2: {244a42eb-08b7-11e2-b972-001c25477ceb} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:32546
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...CPYXXXX9SY2NCPY
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...CPYXXXX9SY2NCPY
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...CPYXXXX9SY2NCPY
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...CPYXXXX9SY2NCPY
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = 
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.co...cr=401868477=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.co...cr=401868477=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.websse...&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.co...cr=401868477=
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
BHO: No Name -> {11111111-1111-1111-1111-110411401120} ->  No File
BHO: No Name -> {11111111-1111-1111-1111-110511131184} ->  No File
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-18] (Fuyu LIMITED) [File not signed]
S2 GUIKernelWin32.exe; C:\Users\VSR\AppData\Local\GUIKernelWin32\GUIKernelWin32.exe [X]
S2 Update ClearThink; "C:\Program Files\ClearThink\updateClearThink.exe" [X]
2014-09-18 05:39 - 2014-09-18 05:39 - 01158320 _____ (Zugara Investments Limited ) C:\Users\VSR\Desktop\frstexe.exe
2014-09-15 19:16 - 2014-09-15 19:16 - 01158200 _____ (Zugara Investments Limited ) C:\Users\VSR\Downloads\otlexe.exe
2014-09-07 11:10 - 2014-09-07 11:10 - 00000000 __SHD () C:\ProgramData\360Quarant
2014-09-07 11:10 - 2014-09-07 11:10 - 00000000 __SHD () C:\$360Section
2014-09-07 11:08 - 2014-09-07 17:45 - 00000000 ____D () C:\Program Files\360
2014-09-18 04:46 - 2014-02-22 22:46 - 00001362 _____ () C:\Windows\Tasks\VEEHD Plugin V9.0-enabler.job
2014-09-18 04:45 - 2014-02-22 22:45 - 00003100 _____ () C:\Windows\Tasks\VEEHD Plugin V9.0-chromeinstaller.job