While it may 'appear' that only FT is being hijacked, the OP may well find that just leaving a browser window open <about:blank> will eventually spawn an episode -- the Symantec tech & removal links are pretty clear.
It also wouldn't surprise me to imagine that this scumware is network-aware, & happily pokes itself at your LAN.

Looks like there's a few REAL (& free) removal suggestions via Google.

Good Luck
-