The Mudcat Café™
Thread #66277   Message #1098523
Posted By: JohnInKansas
22-Jan-04 - 12:44 AM
Thread Name: Tech: Spyware Problem?
Subject: RE: Tech: Spyware Problem?
There are a couple of virus variants that do, or attempt to do, a reset of your home page. One of the earlier ones was called Troj/JetHome, and is pretty thoroughly analysed on most of the AV sites. Your AV will probably catch and disable the infections of this kind; but since they "invade" the registry, your AV alone may not be able to do a complete cleanup.

If you have, or had, one of these, the instructions for cleaning almost any of them should give you a good guide to the steps to take, although not necessarily the exact "keys" to clean out of the registry.

Nearly all of the MP3 "sharing" sites, with the possible exception of the new "pay for play" ones, require you to use their software for file transfers, and all known file share software is said to contain imbedded invasive spyware. A couple of them can be disabled, but a couple of the more popular ones will stop working if you remove the spy components. A couple have been accused of the homepage reset thing, but I haven't seen confirmation from a reliable source.

There are a number of "free download" games that install spyware components in or with the game program. Most of these are less invasive, but they will often attempt to contact their "reporting" site every time you start the game. A couple of the less widely distributed ones have been found with homepage reset components.

Almost any popup that you click on can potentially download spyware, malicious or otherwise, and bypass your AV, since by clicking you have agreed to an installation of software in the eyes of the "providers," and by clicking you inform your AV that it should "pass" the download. If you install it, it doesn't have to contain viral signatures to do almost anything the programmer chose to put in it.

Your AV can't do much about spyware or other "malware" if it's part of something you agree to download, and even some nominally reputable people are not exempt from suspicion. Intuit (the Quicken guys) slammed an installation of a modified and very suspicious version of IE with the installation of their TurboTax a couple of years ago, on the pretense that "it was necessary" for them to do your income tax return. It was an obsolete version that had none of the security updates then current, but would replace your current version (and remove all your updates) if you installed their program. I'm still wondering what information they might need that wasn't in your return; but I would expect they know a lot more about anyone who used their stuff than they have revealed. Since you could, theoretically, install their program and do your mail-in return without contacting their website, the following year they imposed an "activation" key that you had to get from their site (while their program transferred all the data it had collected from your machine?) before the program would run. It will be quite a while before I'll consider using any Intuit program again.

John