BOTNET DETECTION

Those are all Java-based infections, and so *could* apply to OS X, but these don't.

Mal/JavaHeL0H detects a crimepack for Windows XP/IE

Mal/JavaKP-G detects a java-based downloader (downloads Windows malware)

Mal/JavaKP-H works with the other two to make all the magic happen.

So what you've got is likely a Windows-targeted drive-by download in your JavaWebCache.

If I understand correctly, it is "clean up manually" because it's attempting to clean up cache files that you don't have direct access to as a regular user -- so you need to custom scan and clean up instead.

In SAV, "Clean up manually" doesn't mean you have to go and remove the files yourself; it just means the software won't do everything for you without some user interaction.  "Clean up manually" is language from the Enterprise version where a system admin does most of the work automatically from a management console and doesn't touch the endpoints himself.

Those are all Java-based infections, and so *could* apply to OS X, but these don't.

Mal/JavaHeL0H detects a crimepack for Windows XP/IE

Mal/JavaKP-G detects a java-based downloader (downloads Windows malware)

Mal/JavaKP-H works with the other two to make all the magic happen.

So what you've got is likely a Windows-targeted drive-by download in your JavaWebCache.

If I understand correctly, it is "clean up manually" because it's attempting to clean up cache files that you don't have direct access to as a regular user -- so you need to custom scan and clean up instead.

In SAV, "Clean up manually" doesn't mean you have to go and remove the files yourself; it just means the software won't do everything for you without some user interaction.  "Clean up manually" is language from the Enterprise version where a system admin does most of the work automatically from a management console and doesn't touch the endpoints himself.