
Mal/JavaDldr-B trojan

A scan of my computer threw up this and placed it in Quarantine manager and I duly cleaned it up.  However on checking what this trojan did, I see that it is a PC trojan.  So I have a couple of questions.

1) Why did Sophos pick this up? 

2) By cleaning up have I now removed a file that is needed to run my Mac...when I need not have cleaned it up ?

This Mac has never had windows running on it.

TIA



  • Hello countryman,

    1) Simply put: threat detection is "platform-agnostic", only the on-access scanner considers the platform it's running on, other scans include (all) executables for all supported platforms. In addition a Java .class is an executable for the Mac as Java is cross-platform - that this particular item is (currently) not a threat for your Mac is not taken into account. Apart from the fact that you probably don't want to pass it on to a Windows user, detection might not be based on Windows specific properties of the file. 

    2) If I understand you correctly you are worried about a file vital for your Mac being infected with a Windows-only threat and subsequent cleanup will render your Mac useless? Assuming that "something" has replaced this file you've already got a problem as it no longer will work anyway. If OTOH the file has only been modified it's very likely that cleanup will be able to revert the changes so no harm done. If in doubt (especially if delete is offered as the only option) please ask first.

    HTH

    Christian   

  • Many thanks for the prompt and detailed reply and also for the excellent advice.

    CM

  • In addition, Mal/JavaDldr-B detects generic signs of malicious Java-based downloaders.  This will never be part of a required file, as it's detecting explicitly malicious Java-based file downloading code.  The Windows designation is mostly due to the fact that we don't have a "Cross-Platform" designation, and it has only carried Windows-based payloads (so far).

    This detection will almost always show up in your java webcache folder, which never contains anything permanent (the only cache folder I've found that contains anything non-temporary is the Fonts cache, which contains any Font groupings you have made; all other cache folders* contain temporary data used to speed up the loading of something on your computer and can be deleted with no ill effects*).

    * This is likely to change without much notice, and could already have changed.
