Reputation: 1
SQL Server 2008R2 Agent Malware
List of unidentified sql jobs
Our SQL Server 2008 R2 has lots of auto generated jobs from nowhere as can be seen from image above. I strongly suspect this causes our server password keeps reset daily for no reasons (I had untick those 'Enforce password policy' checkboxes). For now I had delete the jobs but I am not sure can this really solve the root of the problems. Any idea on this? Thanks guys...
Upvotes: 0
Views: 90
Answers (1)
Reputation: 28174
Your server has most likely been compromised. The most appropriate thing to do in this situation is to either reinstall everything from scratch and restore your last known good data backup (prior to getting compromised), or perform a bare metal restore of the server from the last known good (uncompromised) backup. At this point you don't know what malicious software is still on that server, so you have to assume that it's riddled with it.
Do this after you've ensured that the server will be secured from network attacks and don't leave it exposed to the public internet. If it wasn't previously exposed, you may have malicious software on your company network.
Upvotes: 1
Related Questions
- SQL SERVER Agent stops working Automatically
- SQL Server Agent Job Invoked
- Create SQL Server job automatically
- strange scripts generated by SQL Server when exporting a job
- SQL Server Agent jobs running even though I disabled the schedule in script
- Jobs not running in SQL Server agent as per schedule
- The latest two status of sql server agent jobs
- MS SQL Server Agent Jobs sometimes stands
- SQL Server Agent Job Set Up
- Sql jobs execution in sql server 2008 r2