We just had one of our computer’s firefox slammed. Somehow a script has taken over and now when you type a legitimate URL, it gets hijacked by onestepsearch.net. Sigh, even with running antivirus and antispyware, it doesn’t matter. You really need to install adblock and noscript and turn on cookie checking int he new internet. Also, this might be a time when a total uninstall of firefox can help since clearly there are some parameters hacked around in the firefox configuration file.
“Ghacks”:http://www.ghacks.net/2007/12/21/10-lesser-known-firefox-aboutconfig-parameters/ points out that to get to the configurations, you can do it within firefox by typing _about:config_ and you get a zillion parameters.
Other folks are suggesting, looking in Control Panel/Add/Remove Programs and removing _Onestepsearch_ accorfding to “wiki.answers.com”:http://wiki.answers.com/Q/How_do_you_stop_www.onestepsearch.net_popping_up and it also slams the default search engine in Firefox. You can change that by fixing the keyword.URL parameter in about:config back to it according to Firefox Help: Tips & Tricks
By default, if you enter a search term in the address field and press Enter, a Google “I’m Feeling Lucky” search is performed, and you’re taken to the first result of that search directly. If you prefer to see the standard search result list instead, use about:config to change the value of the preference keyword.URL to http://www.google.com/search?btnG=Google+Search&q=.
Of course, you could also change to a completely different search engine by changing the string to something else. The default search string is: “http://www.google.com/search?btnI=I%27m+Feeling+Lucky&q=”.