I am not sure what this thing is that keeps annoying me with popups that just won't go away. I have scanned with Spybot, Adware, LSPfix, NoLop wich did find something, spyware blaster, trojanhunter and spywaredoctor and whatever else I could find and I still get popups, even when I don't have explore open. I also use Maxthon and it does the same in it as well. Not sure what the trigger is because sometimes I can go a few hours with nothing and then I will get a bunch with every web page I open. I ran Hijackthis and removed some items and still get the popups. Here is my newest log if anyone can offer any help it would greatly be appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 1:55:11 PM, on 2/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\AutoMate 6\AMTS.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
J:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
J:\Program Files\HHVcdV6Sys\VC6SecS.exe
J:\WINDOWS\Explorer.EXE
J:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
J:\WINDOWS\system32\WgaTray.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
J:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
J:\Program Files\HHVcdV6Sys\VC6Play.exe
J:\Program Files\AutoMate 6\AMEM.exe
J:\Program Files\Dynamic\Dynamic Submission V7\Scheduler.exe
J:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
J:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
J:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
J:\Program Files\Novosoft\Handy Backup\hbagent.exe
J:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
J:\Program Files\WinZip\WZQKPICK.EXE
j:\progra~1\maxthon\maxthon.exe
J:\Program Files\KeyText\KeyText.exe
J:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
J:\Program Files\KeyText\KeyText.exe
J:\Program Files\Maxthon\Maxthon.exe
J:\Program Files\Virtual CD v6\System\VC6Tray.exe
J:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
J:\Program Files\Maxthon\Maxthon.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\rdpclip.exe
J:\WINDOWS\system32\logonui.exe
J:\WINDOWS\system32\logon.scr
J:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Sample IE BHO - {45E1A125-41A3-4253-A5EC-3354A4E7C56D} - J:\Program Files\Novosoft\Handy Backup\Plugins\LinkSave.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - J:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - J:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "J:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [VC6Player] "J:\Program Files\HHVcdV6Sys\VC6Play.exe"
O4 - HKLM\..\Run: [pccguide.exe] "J:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [AutoMate6] "J:\Program Files\AutoMate 6\AMEM.exe"
O4 - HKLM\..\Run: [DSScheduler] "J:\Program Files\Dynamic\Dynamic Submission V7\Scheduler.exe" \1
O4 - HKLM\..\Run: [flagmpegstyleshim] J:\Documents and Settings\All Users\Application Data\Bike Dash Flag Mpeg\PUREHECK.exe
O4 - HKCU\..\Run: [OE] "J:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [RoboForm] "J:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "J:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - HKCU\..\Run: [Bind drive] J:\DOCUME~1\TimPC\APPLIC~1\GPLSTY~1\32 move flap.exe
O4 - HKCU\..\Run: [Handy Backup 5.4] "J:\Program Files\Novosoft\Handy Backup\hbagent.exe" -logon
O4 - Startup: Adobe Gamma.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: KeyText.lnk = J:\Program Files\KeyText\KeyText.exe
O4 - Startup: Shortcut to Suitcase.exe.lnk = J:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = J:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: WinZip Quick Pick.lnk = J:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Customize Menu - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162148797093
O20 - Winlogon Notify: hblogon - J:\WINDOWS\SYSTEM32\hblogon.dll
O20 - Winlogon Notify: WgaLogon - J:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - J:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AutoMate 6 (AutoMate6) - Network Automation, Inc. - J:\Program Files\AutoMate 6\AMTS.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - J:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Virtual CD v6 Management Service (VC6SecS) - H+H Software GmbH - J:\Program Files\HHVcdV6Sys\VC6SecS.exe

Welcome to the forum, if you still need help and are not receiving it elswhere, I still see LOP in this log. It may be you removed it and it just needs to be removed from the HJT log, but I would like to run the fix again to se sure.

On another note you have this item: O20 - Winlogon Notify: hblogon - J:\WINDOWS\SYSTEM32\hblogon.dll
here's the Google: http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLG,GGLG:2006-16,GGLG:en&q=hblogon%2edll
I see one reference to: http://www.simpy.com/user/stubaker/tag/hblogon
If you want to check it, here is a free scan: http://virusscan.jotti.org/

I am about 99% sure it is a back door trojan so you should have this information:
You're infected, one or more of the identified infections steal information. If this system is used for online banking or has credit card information on it, all passwords should be changed immediately by using a different computer (not the infected one!) to make the changes. Banking and credit card institutions, if any, should be notified of the possible security breech. I suggest that you read this article too. http://www.dslreports.com/faq/10451

Let's proceed like this:

1) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.

2) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.

3) TeaTimer will block changes we must make, use this information to turn it off until you are finished:
http://russelltexas.com/malware/teatimer.htm

4) Please download NoLop to the Desktop from one of these links:
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item16

Close any programs you have running since a reboot is required
Double click NoLop.exe to run it
Next, click the button labeled: Search and Destroy
<<your computer will now be scanned for infected files>>
When the scan finishes, if infected, you are prompted to reboot
Click OK

Now click: REBOOT
A Message should popup from NoLop. If not, double click the program again and it will finish.
Please Post the contents of C:\NoLop.log along with a new HijackThis log

(hold those logs until we finish)

5) How to use the Delete on Reboot tool http://www.bleepingcomputer.com/tutorials/tutorial42.html#delreb
Start Hijackthis
Click on the Config button
Click on the Misc Tools button
Click on the button labeled Delete a file on reboot...
A new window will open asking you to select the file that you would like to delete on reboot. Navigate to the file: C:\WINDOWS\SYSTEM32\hblogon.dll and click on it once, and then click on the Open button.
You will now be asked if you would like to reboot your computer to delete the file. Click on the Yes button if you would like to reboot now.

6) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
(next is damaged, download it again once we finish if you use it)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O4 - HKLM\..\Run: [flagmpegstyleshim] J:\Documents and Settings\All Users\Application Data\Bike Dash Flag Mpeg\PUREHECK.exe
LOP
O4 - HKCU\..\Run: [Bind drive] J:\DOCUME~1\TimPC\APPLIC~1\GPLSTY~1\32 move flap.exe
LOP
O20 - Winlogon Notify: hblogon - J:\WINDOWS\SYSTEM32\hblogon.dll

Close all programs but HJT and all browser windows, then click on "Fix Checked"

7) RIGHT Click on Start then click on Explore. Locate and delete these items:

J:\Documents and Settings\All Users\Application Data\Bike Dash Flag Mpeg\ <<< delete that folder

J:\DOCUMENT AND SETTIBGS~1\TimPC\APPLIC~1\GPLSTY~1\ <<< delete that folder

J:\WINDOWS\SYSTEM32\hblogon.dll <<< delete that file (double check)

8) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

Restart and post the C:\NoLop.log along with a new HijackThis log. Please add any comments you think will help and let me know how the computer is running now.

Thanks

You are a god send!!. I am unsure how you know what you know but it is truly amazing!

I did everything you said in your post, the only thing was there was no nolop found when I ran the scanner and I could not figure out how to get a log file from it. I ran it again after the final reboot after using ATF cleaner and it still found nothing and as soon as I said ok it just shut down. Not sure where a log file is. Here is my newest HJT logfile. Thanks again for all your help. If you see anything else let me know.

Logfile of HijackThis v1.99.1
Scan saved at 9:06:16 AM, on 2/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\AutoMate 6\AMTS.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
J:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
J:\Program Files\HHVcdV6Sys\VC6SecS.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
J:\Program Files\HHVcdV6Sys\VC6Play.exe
J:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
J:\Program Files\AutoMate 6\AMEM.exe
J:\Program Files\Dynamic\Dynamic Submission V7\Scheduler.exe
J:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
J:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
J:\Program Files\Novosoft\Handy Backup\hbagent.exe
J:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
J:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
J:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
J:\Program Files\WinZip\WZQKPICK.EXE
J:\Program Files\KeyText\KeyText.exe
J:\WINDOWS\system32\WgaTray.exe
J:\Program Files\KeyText\KeyText.exe
J:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
J:\Program Files\Virtual CD v6\System\VC6Tray.exe
J:\WINDOWS\system32\wuauclt.exe
J:\WINDOWS\system32\wuauclt.exe
J:\Documents and Settings\TimPC\Desktop\Popup virus\Aftertell\NoLop.exe
J:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Sample IE BHO - {45E1A125-41A3-4253-A5EC-3354A4E7C56D} - J:\Program Files\Novosoft\Handy Backup\Plugins\LinkSave.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - J:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - J:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "J:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [VC6Player] "J:\Program Files\HHVcdV6Sys\VC6Play.exe"
O4 - HKLM\..\Run: [pccguide.exe] "J:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [AutoMate6] "J:\Program Files\AutoMate 6\AMEM.exe"
O4 - HKLM\..\Run: [DSScheduler] "J:\Program Files\Dynamic\Dynamic Submission V7\Scheduler.exe" \1
O4 - HKCU\..\Run: [OE] "J:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [RoboForm] "J:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Handy Backup 5.4] "J:\Program Files\Novosoft\Handy Backup\hbagent.exe" -logon
O4 - Startup: Adobe Gamma.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: KeyText.lnk = J:\Program Files\KeyText\KeyText.exe
O4 - Startup: Shortcut to Suitcase.exe.lnk = J:\Program Files\Extensis\Suitcase 9.2\Suitcase.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = J:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: WinZip Quick Pick.lnk = J:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://J:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Customize Menu - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://J:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162148797093
O20 - Winlogon Notify: WgaLogon - J:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - J:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AutoMate 6 (AutoMate6) - Network Automation, Inc. - J:\Program Files\AutoMate 6\AMTS.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - J:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - J:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Virtual CD v6 Management Service (VC6SecS) - H+H Software GmbH - J:\Program Files\HHVcdV6Sys\VC6SecS.exe

Thanks for the feedback, I have been at it for around eight or so years but it is hard to stay ahead of the hackers. They make much more $$$. You have programs that look valid, if you would just look down the most recent HJT log and make sure you know them all, you can save me research time. Beside that, I would say you are clean and suggest you do this:
System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam

The problems with NoLop appear to be where you ran it from, it needs to run from the Desktop and you ran it from Docs and Settings? You can delete the tool.
J:\Documents and Settings\TimPC\Desktop\Popup virus\Aftertell\NoLop.exe

Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.