From 47ce334b4c1bf2437814eb5c0f0c185914e7ea72 Mon Sep 17 00:00:00 2001
From: "eugene.livis" <elivis@basistech.com>
Date: Thu, 17 Aug 2023 15:22:27 -0400
Subject: [PATCH] Polishing

---
 .../src/org/sleuthkit/autopsy/datamodel/Artifacts.java |  1 +
 .../org/sleuthkit/autopsy/datamodel/MalwareHits.java   | 10 +++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java b/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
index 57db059411..ded4c9cbed 100644
--- a/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
@@ -73,6 +73,7 @@ public class Artifacts {
     private static final Set<IngestManager.IngestJobEvent> INGEST_JOB_EVENTS_OF_INTEREST
             = EnumSet.of(IngestManager.IngestJobEvent.COMPLETED, IngestManager.IngestJobEvent.CANCELLED);
     
+    // this is currently a custom TSK artifact type, created in MalwareScanIngestModule
     private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null;
     private static final String MALWARE_HITS = "TSK_MALWARE";
 
diff --git a/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java b/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
index 784da11ba5..b0f48495c3 100755
--- a/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
@@ -57,7 +57,7 @@
  */
 public class MalwareHits implements AutopsyVisitableItem {
 
-    private static final String MALWARE_HITS = "TSK_MALWARE";
+    private static final String MALWARE_HITS = "TSK_MALWARE"; // this is currently a custom TSK artifact type, created in MalwareScanIngestModule
     private static BlackboardArtifact.Type MALWARE_ARTIFACT_TYPE = null;
     private static String DISPLAY_NAME;
     private static final Logger logger = Logger.getLogger(MalwareHits.class.getName());
@@ -139,12 +139,12 @@ final void update() {
 
             String query = "SELECT blackboard_artifacts.artifact_obj_id " //NON-NLS
                     + "FROM blackboard_artifacts,tsk_analysis_results WHERE " //NON-NLS
-                    + "blackboard_artifacts.artifact_type_id=" + MALWARE_ARTIFACT_TYPE.getTypeID()
+                    + "blackboard_artifacts.artifact_type_id=" + MALWARE_ARTIFACT_TYPE.getTypeID() //NON-NLS
                     + " AND tsk_analysis_results.artifact_obj_id=blackboard_artifacts.artifact_obj_id" //NON-NLS
-                    + " AND (tsk_analysis_results.significance=" + Score.Significance.NOTABLE.getId()
-                    + " OR tsk_analysis_results.significance=" + Score.Significance.LIKELY_NONE.getId() + " )"; // ELTODO LIKELY_NOTABLE
+                    + " AND (tsk_analysis_results.significance=" + Score.Significance.NOTABLE.getId() //NON-NLS
+                    + " OR tsk_analysis_results.significance=" + Score.Significance.LIKELY_NOTABLE.getId() + " )"; //NON-NLS
             if (filteringDSObjId > 0) {
-                query += "  AND blackboard_artifacts.data_source_obj_id = " + filteringDSObjId;
+                query += "  AND blackboard_artifacts.data_source_obj_id = " + filteringDSObjId; //NON-NLS
             }
 
             try (CaseDbQuery dbQuery = skCase.executeQuery(query)) {
-- 
GitLab