CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-345086361-1354177263-1882197541-10209 -> DefaultScope {935E7A9D-E397-4F44-AA0E-4EBACF9A5990} URL =  
SearchScopes: HKU\S-1-5-21-345086361-1354177263-1882197541-10209 -> {935E7A9D-E397-4F44-AA0E-4EBACF9A5990} URL = 
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
U3 idsvc; no ImagePath
Task: {0E085AD0-83B1-4AB1-A5D3-6D78BE6993AF} - System32\Tasks\LINQ_wxWidgets => C:\ProgramData\efiLINQ\efiLINQ.exe [2015-11-11] (Electronics For Imaging, Inc.) <==== ATTENTION
C:\ProgramData\efiLINQ
Task: {222D3206-D7F5-493C-A6B0-B68D59689585} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe  <==== ATTENTION
C:\Program Files (x86)\FreeFileViewer
Task: {5DE7D40B-7A3C-485F-B272-978C33CF5923} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {7E8A9289-0D78-4164-9874-F4FAA610A6B3} - \Lenovo\Lenovo Service Bridge\S-1-5-21-3351432447-3376353146-3141236681-1000 -> No File <==== ATTENTION
Task: {93169E77-6AB3-4629-AE2E-7FD93EF561A2} - System32\Tasks\TVInstallRestore => C:\Users\ah010067\AppData\Local\Temp\TeamViewer\TeamViewer_.exe  <==== ATTENTION
C:\Users\ah010067\AppData\Local\Temp\TeamViewer
Task: {C4ED5F68-99D5-438F-AEDE-5DE9B76C42D7} - \PMTask -> No File <==== ATTENTION
Task: {D5C77B97-61A2-40A5-9D8B-E0DC1BFA5F87} - System32\Tasks\CWS Analytics => C:\ProgramData\efiLINQ\efiLINQ.exe [2015-11-11] (Electronics For Imaging, Inc.) <==== ATTENTION
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
C:\Program Files (x86)\FreeFileViewer
AlternateDataStreams: C:\ProgramData\TEMP:A303874F [274]
AlternateDataStreams: C:\ProgramData\TEMP:AB1A1E3D [300]
AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [330]
AlternateDataStreams: C:\ProgramData\TEMP:D5375828 [316]
Emptytemp: