[clamav-users] recently noted that scanning firefox browser cache reports many errors
mum laris
mum_laris at hotmail.com
Sun Oct 11 11:07:40 UTC 2020
Hi.
On 10/10/20 15:15, G.W. Haywood via clamav-users wrote:
> Hi there,
>
> On Sat, 10 Oct 2020, mum laris via clamav-users wrote:
>> On 10/10/20 01:01, G.W. Haywood via clamav-users wrote:
>>> gzip -vt FF13A1C7B9A4E5C26BE58596DF7F58E6CCB3F19F
>> FF13A1C7B9A4E5C26BE58596DF7F58E6CCB3F19F:
>> gzip: ... decompression OK, trailing garbage ignored
>
> Trailing garbage doesn't necessarily malicious content, it could be as
> simple as a carelessly coded utility which didn't do something (e.g.
> terminate) correctly, but I agree with you that it's suspicious.
>
> Do the timestamps (for example) on these files tell you anything about
> where they might have come from?
>
only streaming video I see are youtube or netflix; if not related to any
of these ones...
>> So parsing it ...
>>
>> (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i])...
>> And at the end of file:
>>
>> //# sourceMappingURL=bundle.js.map
>>
>>
>> How can a js be cached in this way?
>
> I know nothing about caching scripts (and almost nothing about caching
> anything else) in Firefox, but I imagine that most browsers will cache
> scripts in more or less the same way that they'll cache anything else.
> It's all just data which would otherwise have to be transferred again.
>
> Why not submit the file to one of the sites which will scan for
> malware with multiple scanning engines, e.g. Jotti or Virustotal?
>
> https://virusscan.jotti.org/
> https://www.virustotal.com/gui/
>
Jotti doesn't work in my firefox profile
Viruscan says no detected engine... (safe)
> Have you tried pasting the md5sum of the file(s) into a search engine?
>
Yeah, no result...
Thanks,
M.
More information about the clamav-users
mailing list