I also have the same problem. I don't believe it is a hijack issue but I have included my hijack log.

This happened shortly after a fresh install of xp with sp2. I have also tried a reinstall over top and it hasn't helped.

Logfile of HijackThis v1.98.2
Scan saved at 8:39:15 AM, on 10/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\carl\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1096570285295

ok problem solved - woo hoo!
I looked in the event viewer and found there were several DCOM event failures for the WIA Device Manager.
I unplugged my scanner (HP 4470) and problems solved. Reinstalled the drivers, rebooted and plugged in the scanner and all is well.

For future reference, if anyone else has a similar problem, please start a new thread.

IE is the most secure web browsing solution (not client) availible for windows.

By running IE as a less privileged user and locking it down (with regard to scripts and the like) IE will be safe to browse with.

The reason why it is more secure than other locked down browsers run as a less privileged user is that since you can't remove IE you've up the system's complexity by adding the second browser. Giving the entire system less assurance, in pracitcal terms it means that many expolits will be able to target the application they wish and this means that your new browser and IE are valid targets. (This however does not include browsing exlpoits, but since comparing those merely comes down to a conversation about bug counts as most browsers offer the same types of security mechanism there really is no point.)

catch

One should not have to do that though . One can lock it down until it's almost unuseable. Give me Opera straight out of the box anytime . Safe as houses.

Ok, let's try this again.

I don't know why you're hung up on the settings being default? The settings should be such that they fit most appropriately within the system. Locking a system down (hardening) has more easily calculated consequences than disabling security features, this is why high security systems ship in a completely unhardened state and provide a TFM for the system owners/custodians to harden as appropriate. The fact is IE has the functionality to be locked down, default or not is unimportant.

Take note,

Web browsers face two types of attacks:

1. Arbitrary code execution
2. spoofing and other contained exploits

#1 is defeated by running the browser via a less privileged user, such as a guest account. #2 is defeated by by proper configuration, and again simple security math tells us that it is better for a system to be issued in as unhardened of a state as possible so that once it's final configuration has been determined hardening can ensure more complete coverage using the fewest resources.

Now #1 is completely defeated, #2 is an area that is still likely to effect the browser, any browser in fact, but to a greatly reduced extent if the browser is locked down.

All this being said there is no advantage to IE over anything else with regard to security, unless you want to make a discussion about development maturity models and I don't think you do.

Now the weakness, any Windows system is still going to have IE on it, so any local exploits or other non-browsing issues can still target it as well as your new browser of choice. This means that with regard to this type of attack your security is actually less by running a second browser. Consequently using only IE is more secure.

catch