This story may take a while to relate ... but bear with me.

Two nights ago, having read of possible problems over the continuation of the Firefox browser, I decided to look at Chrome as a possible alternative. Interested with what I saw I downloaded the latest version and began to set it up, delighted at discovering a whole host of Apps that were new to me. That was my first mistake.

Ploughing through the choices, I came across a broadband speed checker and decided to test as I had a good idea of the results. It was more or less accurate but on completion, the screen changed and I was presented with an opportunity to "Clean my mac". I didn't … but immediately noticed the screen telling me I had downloaded MacKeeper, a notorious program. I hadn't consciously downloaded it at all but I rapidly backtracked and deleted everything in sight.

But a few hours later I began to encounter big problems with Firefox cookies. A whole host, possibly a hundred or more, suddenly appeared in my cookie file One in particular I saw (EDGERU4.com) I have since been told is bad news. Moreover, I could not delete the cookies either individually or in a group as the cookie delete system would not operate and I was continually meeting the spinning beach ball.

Once I saw this I immediately got rid of both Firefox and Chrome in the hope I had removed any infection but the experience is worrying. I would find it hard to believe Google would allow Chrome to infect rivals or for that matter, that Chrome would allow apps on their site to infect users … though nothing is beyond possibility.

So I am using this forum to report my experiences in case others should meet similar problems. Could anyone advise me my best course of action now; everything seems to be operating normally.

1st, get ClamXav. It's donation ware, and is a good enough anti-virus that Apple used it for their server version of MacOS X. Check your system with it, especially your user files.

2nd, get LittleSnitch. It checks for outgoing calls, and allows you to validate (or not) anything it does not recognize. If you have a Trojan Horse sending data to something you don't care to allow, LittleSnitch will alert you.

3rd, if you can, upgrade to Lion. Apple has quietly introduced a hidden utility that tracks and destroys certain Trojan Horses, and attempts to keep it updated, behind the scenes, to keep up with the malware developers.

Hello Greybeard,

Thanks for your interest; nice to meet you again. I have got ClamXav and plan to run it through this morning. In respect of Little Snitch, would activity monitor not tell me about unauthorised movement of data etc? Mine is not a busy computer, no commercial work etc.
I am still thinking about Lion. I would prefer to avoid that for another six months in view of the amount of criticism so far. Seems to me a major update will appear soon.

One thing that did interest me, however, was in clearing the remnants of Firefox I went … user > library> preferences and in that screen I found a number of files beginning cfx# (cfx#43b3G17 is one such) but examining the contents produced a blank page. Would you know what these are; there are about fifty of them scattered about and all I checked came out blank.

Much obliged for your help,

Regards.

Activity Monitor does not do the job LittleSnitch does. It does have to do with the internal processes, including your apps, on your Mac.

More than likely, any file in the preferences folders that you don't think are needed you can delete. Anything that is needed will automatically be replaced, although you may have to re-do some of your settings.

Hello Greybeard,

Just to top up the detail. I used ClamXav extensively and it showed no problems. I also have a second anti-virus which confirmed ClamXav result. I feel quite confident that all is well.

The cfx# files I mentioned have been the subject of various posts in Apple Forums. No-one is absolutely sure what they are but the consensus is that they are harmless, and as you say, can be deleted.

Thank you again for taking the trouble to help out.