When certain modules are loaded into the Microsoft SQL Server process address space (Sqlservr.exe), you may encounter the following symptoms:
Reports of various hang-related error messages and conditions (for example, SQL Server scheduler message such as 17883, application time-out messages, severe blocking within SQL Server)
Very slow response from SQL Server even if the concurrent amount of load is not unusually heavy
Exceptions (such as access violationa), critical error messages about database consistency, assertion messages or unexpected process termination
These issues occur because applications or other software that are installed on a server that is running SQL Server can load certain modules into the SQL Server process (Sqlservr.exe). This maybe done to achieve a specific business logic requirement, an enhanced functionality, or intrusion monitoring. These modules might perform unsupported activities that include detouring important Win32 APIs and SQL Server routines, and calling risky APIs. Additionally, some intrinsic problems within these modules may cause corruption of various memory structures that are necessary for the SQL Server process to function correctly.
Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
To work around this problem, follow these steps:
Identify the module that is loaded into the SQL Server process and that is causing the problem.
Perform the following actions for the module in question:
Configure the application not to load the specific module into the SQL Server process.
Contact the vendor of the module or application to check for updates. Apply any updates that are available.
In some rare situations, you may have to remove the module and its associated software to restore stability to the SQL Server process and the system.
Note In some instances, you may have to perform all of these actions.
Microsoft Customer Support and Services (CSS) team has identified the following modules that can cause the symptoms that are mentioned in the "Symptoms" section. This list will be updated as new issues are found. This list is provided to help you identify the process that is mentioned in the "Resolution" section. This process typically involves the collection of an iterative set of diagnostic and tracing data for the duration of the problem.
The following modules can cause performance and stability issues when they are loaded into the SQL Server process:
ENTAPI.DLL ENTAPI.DLL is loaded into the SQL Server process if you install McAfee VirusScan Enterprise on a server that is running Microsoft SQL Server, and then you configure this software to monitor SQL Server. When this module is loaded, important Win 32 APIs are also detoured inside the SQL Server process. If you notice that this module is loaded into SQL Server process, configure McAfee VirusScan Enterprise to exclude SQL Server (Sqlservr.exe) from various advanced monitoring, such as Buffer Overflow Protection.
HIPI.DLL, HcSQL.dll, HcApi.dll, HcThe.dll These DLL files are loaded into the SQL Server process if you install McAfee Host Intrusion Prevention software on the same system as SQL Server. If you notice that this module is loaded into SQL Server process, configure McAfee Host Intrusion Prevention to exclude SQL Server (Sqlservr.exe) from its monitoring list.
SOPHOS_DETOURED.DLL and SOPHOS_DETOURED_x64.DLL, SWI_IFSLSP_64.dll These DLL files are loaded into the SQL Server process if you install Sophos Antivirus program on a server that is running SQL Server. If you notice that this module is loaded into the SQL Server process, you can configure the AppInit_Dlls registry subkey to avoid loading this module into SQL Server process.
PIOLEDB.DLL and PISDK.DLL These DLL files are loaded into the SQL Server process if you use the PI OLEDB provider to access data from a PI server or if you use extended stored procedures that use the PI SDK. If you notice that these modules are loaded into the SQL Server process, contact the vendor of these modules to configure the OLEDB provider as an out-of-process provider. This configuration helps to avoid the need to load these modules into the SQL Server process.
For more information about how to set exclusion policies for Sqlservr.exe in the application software that is discussed in this article, refer to the product manual or contact the software vendor.
The following table provides more information about the products or tools that automatically check for this condition in your instance of SQL Server and in the versions of SQL Server against which the rule is evaluated.
Product versions against which the rule is evaluated
System Center Advisor
Modules loaded in SQL Server that can cause server stability problems
System Center Advisor determines whether the list of DLLs mentioned in this article is loaded into the SQL Server process. Review the information that is provided in the “Information Collected” section of the advisor alert, and then make the required configuration changes that are discussed in the article.
SQL Server 2008 SQL Server 2008 R2 SQL Server 2012
SQL Server 2008 R2 Best Practice Analyzer (SQL Server 2008 R2 BPA)
Windows API calls intercepted
The SQL Server 2008 R2 Best Practice Analyzer (SQL Server 2008 R2 BPA) provides a rule to detect the modules to support Buffer Overflow Protection that are loaded inside SQL Server. If you run the BPA tool, and you receive a Warning message that is titled "Engine - Windows API calls intercepted," the modules to support Buffer Overflow Protection are loaded inside SQL Server. BPA detects this by looking for any modules that have a name that resembles "%entapi.dll%" as found in the sys.dm_os_loaded_modules Dynamic Management View (DMV).
SQL Server 2008 SQL Server 2008 R2 SQL Server 2012
SQL Server 2012 Best Practice Analyzer (SQL Server 2012 BPA)
Windows API calls intercepted
The SQL Server 2012 BPA provides a rule to determine whether the list of DLLs mentioned in this article is loaded into the SQL Server process. If you run the BPA tool and you receive a Warning message that is titled "Engine - Windows API calls intercepted", review the information provided in “Issue” statement of the BPA and make the required configuration changes that are discussed in the article.
SQL Server 2012
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
The information and the solution in this document represents the current view of Microsoft Corporation on these issues as of the date of publication. This solution is available through Microsoft or through a third-party provider. Microsoft does not specifically recommend any third-party provider or third-party solution that this article might describe. There might also be other third-party providers or third-party solutions that this article does not describe. Because Microsoft must respond to changing market conditions, this information should not be interpreted to be a commitment by Microsoft. Microsoft cannot guarantee or endorse the accuracy of any information or of any solution that is presented by Microsoft or by any mentioned third-party provider.
Microsoft makes no warranties and excludes all representations, warranties, and conditions whether express, implied, or statutory. These include but are not limited to representations, warranties, or conditions of title, non-infringement, satisfactory condition, merchantability, and fitness for a particular purpose, with regard to any service, solution, product, or any other materials or information. In no event will Microsoft be liable for any third-party solution that this article mentions.
For more information about the SQL Server support policy, click the following article numbers to go to the article in the Microsoft Knowledge Base: