I had this lovely infection as well. FinderActive.com, FlueBlue.com and the IP address 126.96.36.199 are the culprits... I believe people are getting the infection via P2P. I could be wrong but anyways...
Check your host file (C:/windows/system32/drivers/etc/hosts) for the two lines:
Hosts: 188.8.131.52 auto.search.msn.com
Hosts: 184.108.40.206 auto.search.msn.es
If you don't know how to do this, please go here
to read on this infection and directions to fix your hosts file.
These also come with the "infection". No anti-virus programs show any infection. Seems that just the address bar search and hosts files are modified.
View this page for more info (It's safe, I promise lol):MixingOnTheBoat.com Topic on FinderActive.com
They diagnosed the issue... And multiple people have filed complaints at 1&1.com (Registrar) and the Public Domain Registry, reporting abuse by this domain as advise all people who come across this do as well...
Let me know if I can help!
And another tip. Granted I got infected, but it was from P2P... To secure your browsing- download SandBoxie. It is an outstanding tool that adds a whole new dimension to protection, for FREE! Similar to avast!'s sandbox. But free lol.
P.S. follow tg1911's instruction on the about:config as well in addition to mine and you should be fine. I will continue to review the infection and will post if any other files were modified by this.
IE users, I'd tell you how to fix to issue, but I hate the insecurity of IE (Not an accepted Internet Browser by definition - and a web designer's worst nightmare...) So please download FireFox or Chrome to save yourself!
Edited by BlackedOut271, 17 February 2012 - 07:50 AM.