I tried to set it back by a system restore to several days before the occurrence. That did not work, repeatedly the restore failed to take. I rebooted in safe mode and did a restore again. This time it worked, but the browser hijacker was still active and well.
I then found instructions to uninstall a program called TNT2user.exe, but there was no such program. I suspect my system reboot may have obliterated that bit already.
I did find a folder called TNT2 somewhere similar to this URL C:\Dokumente und Einstellungen\DD\Anwendungsdaten\TNT2\, which I completely deleted. However, the browser still pointed at search us.com.
I then located user.js within the mozilla folder, and edited out all references to search us.com, restarted, everything appeared to be clean. I then updated FF and it appears to work as it is supposed to do. The google search bar is back, all the options are back as they should be.
The IE appears to be untouched by all this, it wasn't running when I caught that hijacker.
However, I have no means to check whether all instances of this thing are gone. I want to be sure, that nothing faxes data to someone, that my passwords get sent on or whatever.
So please, is there a relatively quick means to verify that my computer is now clean and not telephoning home to "mama"?
Thanks ahead for your help
Edited by Andora, 15 June 2013 - 11:37 AM.