I am currently running McAfee VirusScan command line for Linux32 Version 6.0.3 as a client. When running scans on particular sets of files, in this case, antlr-2.7.6.tar files, McAfee reports two lines of scan log results for each of certain files such as html.g, java.g, asn1tokens.txt, and antlr.runtime.build, etc. In the example below, the file being scanned is "html.g". McAfee reports two lines, the first line shows an "arbitrary file" by the name of "00001ac1.js" which is presented as if it is located in a subdirectory with the name "html.g". The next line indicates the results for the actual file being scanned, that is, "html.g".
antlr-2.7.6.tar/html.g/00001ac1.js ... is OK.
antlr-2.7.6.tar/html.g ... is OK.
Below are other scan results:
antlr-2.7.6.tar/java.g/C0000000.js ... is OK.
antlr-2.7.6.tar/java.g ... is OK.
antlr-2.7.6.tar/asn1tokens.txt/C0000000.js ... is OK.
antlr-2.7.6.tar/asn1tokens.txt ... is OK.
antlr-2.7.6.tar/antlr.runtime.build/00000523.com ... is OK.
antlr-2.7.6.tar/antlr.runtime.build ... is OK.
It is assumed that since viruses have been detected/associated with such files in the past, McAfee has designed an "identifier" such as 00001ac1.js" for these files. In other cases, identifiers such as "C0000000.js" are associated with multiple files (java.g, asn1tokens.txt). However, I cannot find any documentation on these items. I would appreciate any information that would allow me to interpret these output scan results.