在SQLServer下出现cmd.exe和ftp.exe的解决办法

最近在台式机上写程序发现了这个问题,感觉访问数据库时慢好了多,加载很少的数据要等一两秒才出来.我就纳闷了,偶的配置还马马虎虎,也没运行其他程序,在打开任务管理器后发现很多个cmd.exe和ftp.exe,靠!!我第一个反应就是中毒了,妈的,我还装了小红帽的,前两天又装了微点(听说不错,所以装个玩玩,这东东确实比较强,但是有点害怕,说不定病毒在你电脑没发作到copy到别人机器没装微点的发作了,那就...),结果这两个家伙竟然发觉不了,后来把小红帽和微点卸了装瑞星,还是照旧...时不时还能提示c盘生产出一个病毒,我晕...

偶结束了这些进程,然后再删除system32下的ftp.exe,检查启动项等地方都没发现可疑程序的踪影.但没过多久cmd.exe再次自动运行,接着ftp.exe又出来干见不得人的事情了...就这样我郁闷了好久,在网上搜cmd.exe和ftp.exe病毒等相关资料都没收获,最后在搜索中加了个sql,原来是sqlserver2000 的xp_cmdshell太强大了,记得有学过这个东东,但基本没用过.把这家伙删掉或者sqlserver里面的用户禁用到这个存储过程就好了.

引用一下我搜到的资料

原文参见:blog:http://www.cnblogs.com/bisonjob/archive/2007/08/06/845107.html

xp_cmdshell 操作系统命令外壳 。

这个过程是一个扩展存储过程,用于执行指定命令串,并作为文本行返回任何输出。

一般情况下,xp_cmdshell对管理员来说也是不必要的,xp_cmdshell的消除不会对Server造成任何影响.

可以将xp_cmdshell删除:

================================================================= 

xp_cmdshell的删除和恢复   

删除扩展存储过过程xp_cmdshell的语句: exec sp_dropextendedproc 'xp_cmdshell' 

恢复cmdshell的SQL语句 EXEC sp_addextendedproc xp_cmdshell ,@dllname ='xplog70.dll'

在sqlserver的query analyer中运行以下命令就可以去掉sa的xp-cmdshell权限:

  if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[xp_cmdshell]') and OBJECTPROPERTY(id, N'IsExtendedProc') = 1) exec sp_dropextendedproc N'[dbo].[xp_cmdshell]' GO

一般SQL2000是通过下面语句恢复:

EXEC sp_addextendedproc xp_cmdshell ,@dllname ='xplog70.dll' 

而SQL97是通过下面语句恢复

EXEC sp_addextendedproc xp_cmdshell ,@dllname ='xpsql70.dll' sp_addextendedproc'xp_cmdshell','xpsql70.dll' (sql 7.0) sp_addextendedproc'xp_cmdshell','xplog70.dll' (sql 2000)   

=================================================================

Star FTP Server Freeware for non-Commercial use ================================================ Copyright (c) 2005 - Fightersoft Multimedia SRL e-mail: fightersoft@gmail.com site: http://www.fightersoft.ro SOFTWARE LICENSE AGREEMENT & DISCLAIMER -------------------------------------------------------------------------------- BY INSTALLING OR USING THIS SOFTWARE YOU INDICATE YOUR ACCEPTANCE OF THIS AGREEMENT. IF YOU DO NOT ACCEPT OR AGREE WITH THESE TERMS, YOU MAY NOT INSTALL OR USE THIS SOFTWARE ! LICENSE AGREEMENT Star FTP Server is a freeware software application, free of any charge for non-commercial use. For commercial use, please contact Fightersoft Multimedia SRL. This Limited Use Software License Agreement (the "AGREEMENT") is a legal agreement between you ("LICENSEE"), the end-user, and Star FTP Server author ("AUTHOR") for the use of the Star FTP Server software product, and may include associated media, printed materials and any "online" or electronic documentation ("SOFTWARE"). By using this SOFTWARE or storing this program on a computer hard drive (or other media), you are agreeing to be bound by the terms of this AGREEMENT. If you do not agree to the terms of this AGREEMENT, you may not install or use the SOFTWARE and you must delete it from all storage media. This SOFTWARE may be distributed freely on online services, bulletin boards, or other electronic media as long as the files are distributed only "AS IS" in this installation package. This SOFTWARE may not be distributed on CD-ROM, disk, or other physical media for a fee without the permission of the Author. The SOFTWARE may not be bundled or distributed with any other package without written permission of the author. The SOFTWARE is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. You may not alter this SOFTWARE in any way, including changing or removing any messages or windows. You may not decompile, re
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值