DavidR
15
Avast creates these temp files of the content coming down on the http stream so it can scan them in its localhost proxy (it doesn’t use the original file names) if they are clean then they would be passed on to the browser cache and displayed on the browser page. I just harvest them to be able to look inside.
They are essentially what you showed in your image, just renamed in the avast localhost proxy.
I don’t know if you use any form of content management software as that if out of date could be vulnerable to exploit, injecting the code into pages/files.