Remove the SQL Server stored procedures that pose security risks.
This removes the destructive permissions to invoke the shell, the registry, and COM components.
MS SQL Server 2000
Log on to Query Analyzer using a system account.
Run the following script:
Use master
Exec sp_dropextendedproc xp_cmdshell
Exec sp_dropextendedproc xp_enumgroups
Exec sp_dropextendedproc xp_loginconfig
Exec sp_dropextendedproc xp_enumerrorlogs
Exec sp_dropextendedproc xp_getfiledetails
Exec sp_dropextendedproc Sp_OACreate
Exec sp_dropextendedproc Sp_OADestroy
Exec sp_dropextendedproc Sp_OAGetErrorInfo
Exec sp_dropextendedproc Sp_OAGetProperty
Exec sp_dropextendedproc Sp_OAMethod
Exec sp_dropextendedproc Sp_OASetProperty
Exec sp_dropextendedproc Sp_OAStop
Exec sp_dropextendedproc xp_regaddmultistring
Exec sp_dropextendedproc xp_regdeletekey
Exec sp_dropextendedproc xp_regdeletevalue
Exec sp_dropextendedproc xp_regenumvalues
Exec sp_dropextendedproc xp_regremovemultistring
Exec sp_dropextendedproc xp_regwrite
Drop procedure sp_makewebtask
Go
Delete all dangerous extensions:
Exec sp_dropextendedproc xp_cmdshell -- after this extension is deleted, the database cannot be connected to remotely
SQL Server uses the following three stored procedures when it restores a backup. Do not delete them unless necessary.
-- Exec sp_dropextendedproc xp_dirtree [after this extension is deleted, you cannot create or attach a database]
-- Exec sp_dropextendedproc xp_regread [restore the database after deleting this extension]
-- Exec sp_dropextendedproc xp_fixeddrives [the database cannot be restored after this extension is deleted]
Recovery script
Use master
EXEC sp_addextendedproc xp_cmdshell, @dllname = 'xplog70.dll'
EXEC sp_addextendedproc xp_enumgroups, @dllname = 'xplog70.dll'
EXEC sp_addextendedproc xp_loginconfig, @dllname = 'xplog70.dll'
EXEC sp_addextendedproc xp_enumerrorlogs, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_getfiledetails, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc sp_OACreate, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OADestroy, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OAGetErrorInfo, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OAGetProperty, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OAMethod, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OASetProperty, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc sp_OAStop, @dllname = 'odsole70.dll'
EXEC sp_addextendedproc xp_regaddmultistring, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regdeletekey, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regdeletevalue, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regenumvalues, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regremovemultistring, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regwrite, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_dirtree, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_regread, @dllname = 'xpstar.dll'
EXEC sp_addextendedproc xp_fixeddrives, @dllname = 'xpstar.dll'
Go
Copy the entire script into SQL Query Analyzer.
On the menu, click "Query", then "Execute", to remove the stored procedures that pose security risks.
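Verification query (an added example, not part of the original script): after running the drop script, this lists each procedure named above and reports whether it is still registered in master. It assumes the SQL Server 2000 system table master.dbo.sysobjects, where xtype 'X' marks an extended procedure and 'P' a regular stored procedure.

```sql
-- Added example: audit the drop list against master.dbo.sysobjects (SQL Server 2000).
USE master
GO
SET NOCOUNT ON

-- The procedures the drop script above is meant to remove.
DECLARE @targets TABLE (name sysname NOT NULL PRIMARY KEY)

INSERT INTO @targets (name)
SELECT 'xp_cmdshell'             UNION ALL
SELECT 'xp_enumgroups'           UNION ALL
SELECT 'xp_loginconfig'          UNION ALL
SELECT 'xp_enumerrorlogs'        UNION ALL
SELECT 'xp_getfiledetails'       UNION ALL
SELECT 'sp_OACreate'             UNION ALL
SELECT 'sp_OADestroy'            UNION ALL
SELECT 'sp_OAGetErrorInfo'       UNION ALL
SELECT 'sp_OAGetProperty'        UNION ALL
SELECT 'sp_OAMethod'             UNION ALL
SELECT 'sp_OASetProperty'        UNION ALL
SELECT 'sp_OAStop'               UNION ALL
SELECT 'xp_regaddmultistring'    UNION ALL
SELECT 'xp_regdeletekey'         UNION ALL
SELECT 'xp_regdeletevalue'       UNION ALL
SELECT 'xp_regenumvalues'        UNION ALL
SELECT 'xp_regremovemultistring' UNION ALL
SELECT 'xp_regwrite'             UNION ALL
SELECT 'sp_makewebtask'

-- LEFT JOIN keeps every target; a NULL id means the procedure is no longer registered.
SELECT t.name,
       CASE WHEN o.id IS NULL THEN 'removed' ELSE 'STILL PRESENT' END AS status,
       o.xtype
FROM @targets t
LEFT JOIN master.dbo.sysobjects o
       ON o.name = t.name COLLATE database_default
      AND o.xtype IN ('X', 'P')
ORDER BY status DESC, t.name
GO
```

Rows marked STILL PRESENT sort first; re-run the query after applying service packs or running the recovery script to see which procedures have been registered again.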