Hijack log hjælp..

Sidder ved en pc der har problemer med popups når de bruger netbank til nordea ... har lige kørt hijack og gemt loggen:

Logfile of HijackThis v1.98.0
Scan saved at 17:20:59, on 06-08-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
C:\Programmer\CA\eTrust Antivirus\InoRT.exe
C:\Programmer\CA\eTrust Antivirus\InoTask.exe
C:\Programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Windows\Reminder.exe
C:\WINDOWS\System32\taskmgr.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Programmer\Smart270\KeyMon.exe
C:\WINDOWS\System32\wuamgrd.exe
C:\WINDOWS\System32\dailin.exe
C:\WINDOWS\System32\xdswmn.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\hijack\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://find.tdconline.dk/msie_google.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nordea.dk/sitemod/default/portal.aspx?pid=10039
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tdconline.dk/start
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [StorageGuard] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Reminder] C:\Windows\Reminder.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [MMKey] C:\Programmer\Smart270\KeyMon.exe
O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\idnsiyih.exe
O4 - HKLM\..\Run: [Micro Update] dailin.exe
O4 - HKLM\..\Run: [scnkgpc] C:\WINDOWS\System32\xdswmn.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe
O4 - HKLM\..\RunServices: [Micro Update] dailin.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Update] wuamgrd.exe
O4 - HKCU\..\Run: [Micro Update] dailin.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O17 - HKLM\System\CCS\Services\Tcpip\..\{1975F3EE-1BA6-453D-A4B0-2E73A81386D7}: NameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CS1\Services\Tcpip\..\{1975F3EE-1BA6-453D-A4B0-2E73A81386D7}: NameServer = 193.162.153.164 194.239.134.83