start 
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM-x32 - Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Pas de fichier
Toolbar: HKU\S-1-5-21-2999490926-649119134-4058073988-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Pas de fichier
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\spedy\AppData\Roaming\Mozilla\Firefox\Profiles\0hf1do96.default\features\{3f2e0303-0211-4e27-abac-7ddbf9f86f5c}\disableSHA1rollout@mozilla.org.xpi [2017-02-17]
S3 catchme; \??\C:\Users\spedy\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110918.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110918.008\EX64.SYS [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
2017-02-10 20:26 - 2017-02-19 12:39 - 00000000 ____D C:\Users\spedy\AppData\Roaming\ParetoLogic
2017-02-10 20:20 - 2017-02-19 12:39 - 00000000 ____D C:\ProgramData\ParetoLogic
2017-02-10 20:20 - 2017-02-19 12:39 - 00000000 ____D C:\Program Files (x86)\ParetoLogic
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]



EmptyTemp:
end