If u run an SQL Server 2000 DB, you may be targeted by a new botnet hack (banner82) thru SQL injection. Two fast step to avoid being hacked are: - Set permission denied on the system tables: sysobjects and syscolumns of your db. In enterprise managers, click on the tables open "authorization" and deny averything for everyone. This should be enough to block the attack. - Catch the queystring in each page and parse it for terms like "EXEC" or "DECLARE" (you may want to add more like "<script" and so on)m if u find those terms, redirect to nowhere. Hope this helps to secure your sites before they get attacked. Run daily backups of the db! Is easy to clean db from the attached string both in var and text fields, the problem is that the attack appends himself after truncating text fields to 4000 char, so the only viable option if u have longer texts is to restore a db backup.
For Cleaning Up SQL Injection Attack : b.js & preventing SQL Injection http://forums.digitalpoint.com/showthread.php?t=895509#post8260407 and http://codegroups.com/blog/index.php/cleaning-up-sql-injection-attack-bjs/