Quite recently, an exploit in the wild seems to introduce a trojan Firefox plugin. As of last week, nothing I ran picked up on it, even an updated Spybot Search & Destroy. Fortunately, someone figured out what it was. A tool called Goored will resolve it.
It’s an executable. If you aren’t comfortable downloading random executables from forums, you can manually clean up your system by completely exiting Firefox, browsing to your extensions directory, then deleting any installed extensions with recent dates. The hijack comes from a overlay.xul file in the trojan extension.