#1
Hijacked home page
I use IE with Windows XP. My normal home page has been hijacked with a message bar reading "about:blank" and a website directory showing up.
I have used Internet Options to "delete history" and also I have loaded my normal home page then "use current" to change to my normal home page. When I re-load IE it goes back to the rogue website. I have run HijackThis, Pest Patrol and Spycatcher but still have the same problem. What would happen if I took the log from HijackThis and deleted everything that's in it?
Last edited by broxie : May 20th, 2004 at 04:34 PM. Reason: other thought
#2
Your computer would probably not run very well as most of the items in HJT are required for your system to run properly. Post a log so we can see what's going on.
Tom
#3
Hijacked home page
Logfile of HijackThis v1.97.7
Scan saved at 7:42:56 PM, on 5/21/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\U.S. Robotics\SureConnect ADSL Modem\SureConnect ADSL Utility\USRSureConnect.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\William Storie\Local Settings\Temp\Temporary Directory 7 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\William Storie\Application Data\Mozilla\Profiles\default\4gpilwe3.slt\prefs.js)
O1 - Hosts: 216.73.89.11 explore1.llbean.com
O1 - Hosts: 209.185.162.204 i.ivillage.co.uk
O1 - Hosts: 209.185.162.149 ivillage.co.uk
O1 - Hosts: 64.49.221.121 livescore.com
O1 - Hosts: 212.58.240.145 news.bbc.co.uk
O1 - Hosts: 192.0.34.129 reports.internic.net
O1 - Hosts: 207.46.156.60 v4.windowsupdate.microsoft.com
O1 - Hosts: 69.20.54.171 vivisimo.com
O1 - Hosts: 207.46.249.57 windowsupdate.microsoft.com
O1 - Hosts: 80.5.176.102 world.rangers.premiumtv.co.uk
O1 - Hosts: 65.77.217.160 www.1234-find-web-designers.org
O1 - Hosts: 207.44.176.88 www.2-freespywareremoval.com
O1 - Hosts: 217.154.146.33 www.accountingeducation.com
O1 - Hosts: 192.150.18.60 www.adobe.com
O1 - Hosts: 65.242.185.67 www.aicpa.org
O1 - Hosts: 207.171.166.149 www.amazon.co.uk
O1 - Hosts: 207.171.163.90 www.amazon.com
O1 - Hosts: 216.22.0.2 www.askmen.com
O1 - Hosts: 66.111.44.182 www.basictgp.com
O1 - Hosts: 12.107.161.210 www.bdo.com
O1 - Hosts: 66.102.130.21 www.bermuda.e-moo.com
O1 - Hosts: 64.207.134.91 www.bermynet.com
O1 - Hosts: 64.62.149.102 www.biopet.com
O1 - Hosts: 4.38.75.43 www.bydesign.com
O1 - Hosts: 64.94.191.3 www.cfo.com
O1 - Hosts: 155.201.224.39 www.cfodirect.com
O1 - Hosts: 64.236.24.12 www.cnn.com
O1 - Hosts: 66.2.87.13 www.copyleft.net
O1 - Hosts: 63.240.15.209 www.corel.com
O1 - Hosts: 216.254.0.118 www.cpeonline.com
O1 - Hosts: 194.159.245.16 www.cummings.demon.co.uk
O1 - Hosts: 69.57.156.225 www.cybertechhelp.com
O1 - Hosts: 192.216.159.159 www.dineoutfreetoday.com
O1 - Hosts: 66.98.154.60 www.enigmasoftwaregroup.com
O1 - Hosts: 128.6.72.72 www.fasb.org
O1 - Hosts: 209.51.177.22 www.foxsportsworld.com
O1 - Hosts: 216.239.41.104 www.google.com
O1 - Hosts: 143.231.86.196 www.house.gov
O1 - Hosts: 202.85.125.77 www.iasplus.com
O1 - Hosts: 192.0.34.163 www.icann.org
O1 - Hosts: 192.0.34.161 www.internic.com
O1 - Hosts: 65.126.254.23 www.llbean.com
O1 - Hosts: 216.74.165.68 www.marthastewart.com
O1 - Hosts: 217.199.166.5 www.medicdirect.co.uk
O1 - Hosts: 207.46.144.222 www.microsoft.com
O1 - Hosts: 206.151.164.31 www.oldnavy.com
O1 - Hosts: 207.44.246.74 www.portmeirion.co.uk
O1 - Hosts: 80.5.176.140 www.rangers.premiumtv.co.uk
O1 - Hosts: 65.205.249.60 www.verisign.com
O1 - Hosts: 208.234.17.105 www.vetinfo.com
O1 - Hosts: 63.123.46.33 www.victoriassecret.com
O1 - Hosts: 199.172.192.172 www.weather.bm
O1 - Hosts: 192.220.116.222 www.webcom.com
O1 - Hosts: 192.220.116.62 www.wrsl.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7FF08339-888E-4489-A055-BE72F8FD0CC4} - C:\WINDOWS\mrhop.dll
O2 - BHO: (no name) - {A8169881-0639-4E54-B1B1-3D55787CE5D3} - C:\WINDOWS\System32\inetcbfg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [EnigmaPopupStop] C:\Program Files\Enigma Software Group\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\RunOnce: [Pest Cleaning] "C:\PROGRA~1\PESTPA~1\ppclean.exe" clean ts:20040520182753484 cws 2 2 2
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: RealDownload Plus.lnk = C:\Program Files\Real\RealDownload\RealDownload.exe
O4 - Global Startup: U.S. Robotics SureConnect ADSL Utility.lnk = ?
O9 - Extra button: Popup Eliminator (HKLM)
O9 - Extra 'Tools' menuitem: Popup Eliminator (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
O16 - DPF: symsupportutil - https://www-secure.symantec.com/tec...supportutil.CAB
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{17B95F96-6BAB-4660-933A-9CBC9CC514C3}: NameServer = 199.172.192.3 199.172.192.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{17B95F96-6BAB-4660-933A-9CBC9CC514C3}: NameServer = 199.172.192.3 199.172.192.4
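Added example, not part of the original thread: a Python sketch that groups HijackThis entries by section code and picks out any DLL that both serves an IE search page through a res:// URL and is registered as a Browser Helper Object, run on a few entries copied from the log above. The function names and the cross-reference heuristic are assumptions of this example, and a hit is a candidate for review, not a verdict.

```python
import re
from collections import defaultdict

# HijackThis section codes that occur in the log above.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "N2": "Netscape 6 start/search page", "O1": "hosts file redirection",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry", "O9": "extra IE button or menu item",
    "O14": "IERESET.INF setting", "O16": "downloaded ActiveX control",
    "O17": "DNS server setting",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
RES_DLL = re.compile(r"res://(.+?\.dll)/", re.I)
BHO = re.compile(r"^BHO: (.*?) - (\{[0-9A-F-]+\}) - (.+\.dll)$", re.I)

# Excerpt of entries copied from the log posted above (not the full log).
SAMPLE = r"""
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\mrhop.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O1 - Hosts: 216.239.41.104 www.google.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7FF08339-888E-4489-A055-BE72F8FD0CC4} - C:\WINDOWS\mrhop.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
"""

def parse(log):
    """Group entries by section code; header and process lines are skipped."""
    groups = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m and m.group(1) in SECTIONS:
            groups[m.group(1)].append(m.group(2))
    return groups

def review_candidates(groups):
    """Heuristic (assumption of this example): a DLL that serves an IE
    search page via res:// and is also registered as a BHO."""
    res_dlls = {p.lower() for code in ("R0", "R1")
                for body in groups.get(code, []) for p in RES_DLL.findall(body)}
    hits = []
    for body in groups.get("O2", []):
        m = BHO.match(body)
        if m and m.group(3).lower() in res_dlls:
            hits.append((m.group(2), m.group(3)))
    return hits
```

Calling `review_candidates(parse(SAMPLE))` returns the CLSID and path of the one BHO whose DLL also backs the search-page values; the other BHOs in the excerpt are left alone.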
#4
Trying to play catch-up here. If you still have the problem, let's start with this:
Download this file from http://downloads.subratam.org/dllfix.exe . Preferably to Desktop. Double-click on it and, it being a self-extractor, it will create its own folder. Run Start.Bat from there. Run Option 1, which is "Run Find-All... ". Let it complete and there will be a pop-up window with a log. Post that log here.
Tom