5 Replies Latest reply on Jan 4, 2008 11:45 AM by HectMike

    Exploit-ObscuredHtml False Alarm


      I am using Microsoft SQL Server 2005. From within the Management Studio, when I execute SQL code whose output has HTML tags in it, I receive the following virus notification from McAfee AntiVirus Enterprise 8.5.0i:

      Message = All hands on deck!!! VirusScan Alert!!!!
      Date and Time = 2008-01-03 14:01:15
      Name = C:\Documents and Settings\Administrator\Local Settings\Temp\tmp4B5.tmp
      Detected As = Exploit-ObscuredHtml
      State = Deleted

      And I get the following error in the Management Studio:
      An error occurred while executing batch. Error message is: Invalid calling sequence: file stream must be initialized first.

      I believe this to be a false alarm because I can faithfully reproduce it and by changing the output of the SQL statement that I am executing to not put out HTML tags, I can prevent this trojan virus error from occurring. However, I need my SQL code to output HTML, so it is not an option to strip the HTML tags from the output.

      I am running with the latest patches and updates.