[clamav-users] recently noted that scanning firefox browser cache reports many errors
G.W. Haywood
clamav at jubileegroup.co.uk
Sat Oct 10 13:15:23 UTC 2020
Hi there,
On Sat, 10 Oct 2020, mum laris via clamav-users wrote:
> On 10/10/20 01:01, G.W. Haywood via clamav-users wrote:
>> gzip -vt FF13A1C7B9A4E5C26BE58596DF7F58E6CCB3F19F
> FF13A1C7B9A4E5C26BE58596DF7F58E6CCB3F19F:
> gzip: ... decompression OK, trailing garbage ignored
Trailing garbage doesn't necessarily malicious content, it could be as
simple as a carelessly coded utility which didn't do something (e.g.
terminate) correctly, but I agree with you that it's suspicious.
Do the timestamps (for example) on these files tell you anything about
where they might have come from?
> So parsing it ...
>
> (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i])...
> And at the end of file:
>
> //# sourceMappingURL=bundle.js.map
>
>
> How can a js be cached in this way?
I know nothing about caching scripts (and almost nothing about caching
anything else) in Firefox, but I imagine that most browsers will cache
scripts in more or less the same way that they'll cache anything else.
It's all just data which would otherwise have to be transferred again.
Why not submit the file to one of the sites which will scan for
malware with multiple scanning engines, e.g. Jotti or Virustotal?
https://virusscan.jotti.org/
https://www.virustotal.com/gui/
Have you tried pasting the md5sum of the file(s) into a search engine?
--
73,
Ged.
More information about the clamav-users
mailing list