I had this lovely infection as well. FinderActive.com, FlueBlue.com and the IP address 188.8.131.52 are the culprits... I believe people are getting the infection via P2P. I could be wrong but anyways...
Check your host file (C:/windows/system32/drivers/etc/hosts) for the two lines:
Hosts: 184.108.40.206 auto.search.msn.com
Hosts: 220.127.116.11 auto.search.msn.es
If you don't know how to do this, please go here
to read on this infection and directions to fix your hosts file.
These also come with the "infection". No anti-virus programs show any infection. Seems that just the address bar search and hosts files are modified.
View this page for more info (It's safe, I promise lol):MixingOnTheBoat.com Topic on FinderActive.com
They diagnosed the issue... And multiple people have filed complaints at 1&1.com (Registrar) and the Public Domain Registry, reporting abuse by this domain as advise all people who come across this do as well...
Let me know if I can help!
And another tip. Granted I got infected, but it was from P2P... To secure your browsing- download SandBoxie. It is an outstanding tool that adds a whole new dimension to protection, for FREE! Similar to avast!'s sandbox. But free lol.
P.S. follow tg1911's instruction on the about:config as well in addition to mine and you should be fine. I will continue to review the infection and will post if any other files were modified by this.
IE users, I'd tell you how to fix to issue, but I hate the insecurity of IE (Not an accepted Internet Browser by definition - and a web designer's worst nightmare...) So please download FireFox or Chrome to save yourself!
Edited by BlackedOut271, 17 February 2012 - 07:50 AM.