Windows 7 / Sperrbildschirm / Abgesicherter Modus funktioniert nicht

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-SU54OOR on 15-03-2014 07:53:24
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-20] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [627360 2011-04-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-04-13] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-01-31] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\Arsenal10\...\Run: [miCoach Manager] - C:\Program Files (x86)\adidas\miCoach Manager\SyncManager.exe [3878896 2012-01-23] (adidas)
HKU\Arsenal10\...\Winlogon: [Shell] explorer.exe,C:\Users\Arsenal10\AppData\Roaming\skype.dat [84992 2011-11-16] () <==== ATTENTION 
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{16cdf~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{16cdff19-861d-48e3-a751-d99a27784753}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs-x32: c:\progra~3\bitguard\271832~1.68\{16cdf~1\bitguard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.dll [3618304 2013-11-18] ()
Startup: C:\Users\Arsenal10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk ->  (No File)

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-03-04] (Advanced Micro Devices, Inc.)
S2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-16] (Advanced Micro Devices)
S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-13] (Atheros)
S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [3780064 2013-11-18] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-01-31] (PDF Complete Inc)
S2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [333264 2010-07-08] ()
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-24] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [953904 2010-11-22] (Symantec Corporation)
S5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110323.001\IDSvia64.sys [476792 2011-03-22] (Symantec Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-13] (hxxp://libusb-win32.sourceforge.net)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110106.003\ENG64.SYS [117880 2011-01-05] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110106.003\EX64.SYS [1791096 2011-01-05] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-18] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 07:53 - 2014-03-15 07:53 - 00000000 ____D () C:\FRST
2014-03-09 01:07 - 2014-03-09 01:07 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard

==================== One Month Modified Files and Folders =======

2014-03-15 07:53 - 2014-03-15 07:53 - 00000000 ____D () C:\FRST
2014-03-09 01:18 - 2013-05-01 15:09 - 00000004 _____ () C:\Users\Arsenal10\AppData\Roaming\skype.ini
2014-03-09 01:18 - 2012-10-28 12:50 - 00000000 ____D () C:\Users\Arsenal10\AppData\Roaming\BrowserCompanion
2014-03-09 01:15 - 2009-07-13 20:45 - 00032064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 01:15 - 2009-07-13 20:45 - 00032064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 01:12 - 2011-08-02 12:29 - 00717628 _____ () C:\Windows\System32\perfh007.dat
2014-03-09 01:12 - 2011-08-02 12:29 - 00150942 _____ () C:\Windows\System32\perfc007.dat
2014-03-09 01:12 - 2009-07-13 21:13 - 00005190 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-09 01:11 - 2011-10-04 15:52 - 01048545 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 01:07 - 2014-03-09 01:07 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard
2014-03-09 01:07 - 2011-08-02 03:31 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-09 01:07 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 01:07 - 2009-07-13 20:51 - 00086884 _____ () C:\Windows\setupact.log
2014-02-27 09:26 - 2012-07-11 04:23 - 00000000 ____D () C:\Users\Arsenal10\Documents\Bluetooth Folder

Files to move or delete:
====================
C:\Users\Arsenal10\AppData\Roaming\skype.dat
C:\Users\Arsenal10\AppData\Roaming\skype.ini


Some content of TEMP:
====================
C:\Users\Arsenal10\AppData\Local\Temp\53512-663677-free-youtube-to-mp3-converter.exe
C:\Users\Arsenal10\AppData\Local\Temp\coupish.exe
C:\Users\Arsenal10\AppData\Local\Temp\dealply.exe
C:\Users\Arsenal10\AppData\Local\Temp\instloffer.exe
C:\Users\Arsenal10\AppData\Local\Temp\IPx64_1031.exe
C:\Users\Arsenal10\AppData\Local\Temp\pid16.dll
C:\Users\Arsenal10\AppData\Local\Temp\pid32.dll
C:\Users\Arsenal10\AppData\Local\Temp\s6rn6pul.dll
C:\Users\Arsenal10\AppData\Local\Temp\tbbabylonv3.exe
C:\Users\Arsenal10\AppData\Local\Temp\TB_E05F.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-02-21 12:48:29
Restore point made on: 2013-02-26 01:58:01
Restore point made on: 2013-03-01 14:44:37
Restore point made on: 2013-03-05 12:43:29
Restore point made on: 2013-03-08 14:04:15
Restore point made on: 2013-03-15 17:23:24
Restore point made on: 2013-03-15 17:44:40
Restore point made on: 2013-03-16 03:15:38
Restore point made on: 2013-03-16 04:02:09
Restore point made on: 2013-03-19 11:27:21
Restore point made on: 2013-03-23 12:45:15
Restore point made on: 2013-03-27 12:12:43
Restore point made on: 2013-03-27 18:00:57
Restore point made on: 2013-04-02 11:44:26
Restore point made on: 2013-04-07 12:24:28
Restore point made on: 2013-04-12 08:35:08
Restore point made on: 2013-04-14 12:43:19
Restore point made on: 2013-04-21 11:45:00
Restore point made on: 2013-04-25 12:08:38
Restore point made on: 2013-04-26 14:57:27
Restore point made on: 2013-05-01 14:58:34
Restore point made on: 2014-02-27 09:22:37

==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3834.9 MB
Available physical RAM: 3125.78 MB
Total Pagefile: 3833.05 MB
Available Pagefile: 3103.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:282.48 GB) (Free:238.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:15.32 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive h: () (Fixed) (Total:7.45 GB) (Free:7.45 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0EFD49B7)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 3E24C7F9)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)


LastRegBack: 2012-11-08 03:53

==================== End Of Log ============================