SQL cannot mount dll Microsoft reason (cannot modify sa password) _mssql

Source: Internet
Author: User
Unable to load DLL Microsoft reason: 126 (The specified module could not be found).
U890 Account SET Introduction hint: Unable to load DLL Microsoft prompts you to accidentally manipulate the SQL database to avoid unnecessary inconvenience to the database or a DLL referenced by the DLL. Reason: 126 (The specified module could not be found.) )。 ”
The system stored procedure was maliciously modified by the virus because the SQL2000 sa password was too simple.
The following system stored procedures are required for recovery.
Note: This program only supports SQL2000

Copy Code code as follows:

Use master
Go
--Check if xp_cmdshell is tampered with
SELECT * FROM Master. syscomments where object_name (id) = ' xp_cmdshell ' and text<> ' Xplog70.dll '
Go
--Check if other stored procedures have been tampered with
Select object_name (ID), * from Master. syscomments where object_name (ID) in
(' Xp_getfiledetails ', ' xp_availablemedia ', ' xp_dirtree ', ' xp_fixeddrives ', ' xp_s
Ubdirs ',
' Xp_fileexist ', ' xp_get_tape_devices ', ' sp_msgetversion ', ' xp_enumdsn ', ' Xp_regr
Ead ', ' xp_regwrite ', ' Xp_regdeletevalue ',
' Xp_regaddmultistring ', ' xp_regremovemultistring ', ' Xp_regenumkeys ', ' Xp_regenu
Mvalues ', ' xp_regdeletekey ', ' xp_instance_regread ',
' Xp_instance_regwrite ', ' xp_instance_regdeletevalue ', ' Xp_instance_regaddmulti
String ', ' xp_instance_regremovemultistring ',
' Xp_instance_regenumkeys ', ' xp_instance_regenumvalues ') and text <>n ' Xpstar.dll '
Go
--found that xp_cmdshell was tampered with, execute the following statement and change it back
--drop procedure xp_cmdshell
--go
--exec sp_addextendedproc n ' xp_cmdshell ', n ' xplog70.dll '
--go
--then execute the following statement to verify that the xp_cmdshell is correct
--xp_cmdshell ' dir c:/'
-If the statement is abnormal, it is also possible that the SQL Server service's enabling account (typically system) does not have permission to access the System32/cmd.exe file, plus permissions
--discover that other stored procedures have been tampered with, execute the following statement
--drop Procedure Stored Procedure name
--go
--exec sp_addextendedproc n ' Stored procedure name ', n ' xpstar.dll '

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.