File details
File name: sqlservr.exe
Name: Microsoft SQL Server
Description: SQL Server Windows NT
Version: 2009.0100.1600.01 ((KJ_RTM).100402-1539 )
Product version: 10.50.1600.1
Size: 59.05 MB
Original file name: SQLSERVR.EXE
Digital certificate
Certificate authority:
Microsoft Corporation
Expiration date: 5/21/2012
Resource utilization
 | CPU utilization averages |
Total CPU: 0.0001921761%
Privileged CPU:
0.0001499909%

User CPU:
0.00004218523099%

Privileged CPU time: 1176536.14 ms
Privileged CPU time /min: 0 ms
CPU cycle count:
496,514,008
 | Memory utilization averages |
Committed memory:
161.14 MB
Peak committed memory: 175.27 MB
Paged memory:
150.71 MB
Peak paged memory: 162.26 MB
Paged system memory:
244.35 KB
Non-paged system memory: 37.67 KB
Working set memory:
13.3 MB
Peak working set memory: 69.87 MB
Min working set memory: 11.58 MB
Private memory:
150.71 MB
Page faults:
131,376
Page faults /min: 0
 | Process I/O averages |
Total read operations:
600
Total read transfer: 19.82 MB
Total write operations:
128
Total write transfer: 2.87 MB
Total other operations:
5,682
Total other transfer: 53.18 KB
Resources
Handle count average: 350
Thread count average: 41
Thread resource averages
msvcr80.dll

Total CPU: 0.117848771987%
Privileged CPU: 0.048774375717%
User CPU: 0.069074396270%
CPU Cycle count /sec: 2,265,854
Context switches /sec: 48
Module memory size: 804 KB
Total CPU: 0.000164502161%
Privileged CPU: 0.000057421901%
User CPU: 0.000107080261%
CPU Cycle count /sec: 2,664
Module memory size: 59.68 MB
Process details
Runs as (owner): Network Service
Integrety level: System
Windows platform: 64-bit
Runs as a service: Yes
Parent Process
Process Commands
"C:\Program Files\Microsoft SQL Server\MSSQL10_50.VPINSTANCE\MSSQL\Binn\sqlservr.exe" -sVPINSTANCE
"C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
Service details
Name: SQL Server (PCAMERICA)
Service name: MSSQL$PCAMERICA
Service type:
Win32OwnProcess
Description: “Provides storage, processing and controlled access of data and rapid transaction processing.”
Image hashes
MD5: 7396087f9212009b1b8fac28c0b7b728
SHA-1: 443e66bb1217f7637d6180f904b8ef67a60288b8
PE image details
Subsystem: Windows Console
Langauge*: Microsoft Visual C++ 8.0
File packed: No
Import Table
advapi32.dll

CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
CryptCreateHash
CryptHashData
CryptGetHashParam
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegisterEventSourceW
RegQueryValueExA
DeregisterEventSource
ReportEventW
RevertToSelf
RegSetValueExW
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
TraceEvent
RegConnectRegistryW
OpenThreadToken
OpenProcessToken
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
GetSecurityInfo
CryptDestroyKey
CryptGetProvParam
GetSecurityDescriptorDacl
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptSetProvParam
CryptImportKey
CryptExportKey
CryptGetKeyParam
CryptGenKey
CryptDeriveKey
CryptSetKeyParam
CryptEncrypt
CryptDecrypt
CryptSetHashParam
CryptSignHashW
CryptVerifySignatureW
CryptDuplicateHash
CryptGetUserKey
IsValidSid
GetLengthSid
RegEnumValueW
SetThreadToken
DuplicateToken
RegDeleteValueW
InitializeAcl
AddAccessAllowedAce
AddAccessDeniedAce
GetNamedSecurityInfoW
SetNamedSecurityInfoW
RegEnumKeyExW
LookupAccountNameW
AddAccessAllowedAceEx
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
ImpersonateNamedPipeClient
ImpersonateSelf
ImpersonateLoggedOnUser
ConvertSidToStringSidW
LookupPrivilegeValueW
LookupAccountSidW
RegOpenCurrentUser
InitializeSid
DuplicateTokenEx
ConvertStringSidToSidW
AdjustTokenPrivileges
AllocateLocallyUniqueId
LogonUserW
CreateProcessAsUserW
LsaOpenPolicy
LsaNtStatusToWinError
LsaAddAccountRights
LsaClose
CreateWellKnownSid
SetSecurityInfo
RegCreateKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceW
RegOpenKeyExA
CopySid
GetUserNameW
GetAclInformation
GetAce
DeleteAce
AddAce
QueryServiceStatus
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerA
SetServiceBits
SetServiceStatus
RegSetValueExA
RegDeleteValueA
CryptAcquireContextA
RegDeleteKeyW
RegQueryInfoKeyW
ControlService
QueryServiceStatusEx
SetSecurityDescriptorOwner
GetSidLengthRequired
RegEnumKeyExA
RegCreateKeyExA
GetSecurityDescriptorLength
EnableTrace
StartTraceW
ControlTraceW
SetSecurityDescriptorGroup
MapGenericMask
AccessCheck
QueryServiceConfigW
RegOpenKeyW
crypt32.dll

CertCreateCertificateContext
CryptDecodeObject
CryptAcquireCertificatePrivateKey
CertVerifyTimeValidity
CertNameToStrW
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertFreeCertificateChain
CertCloseStore
CryptMsgClose
CertStrToNameW
CertCreateSelfSignCertificate
CryptQueryObject
CryptMsgGetParam
CertOpenStore
CertGetSubjectCertificateFromStore
CryptProtectData
CryptUnprotectData
CertFindCertificateInStore
CertOpenSystemStoreA
CertGetEnhancedKeyUsage
CertGetNameStringW
CertFreeCertificateContext
iphlpapi.dll

kernel32.dll
msvcp100.dll
msvcp80.dll
msvcr100.dll
msvcr80.dll
mswsock.dll

GetAcceptExSockaddrs
AcceptEx
netapi32.dll

DsGetDcNameW
NetUserModalsGet
NetWkstaGetInfo
NetApiBufferFree
pdh.dll

PdhCloseQuery
PdhOpenQueryW
PdhAddCounterW
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhGetRawCounterArrayW
rpcrt4.dll

RpcStringFreeA
UuidToStringA
UuidFromStringW
UuidCreate
UuidToStringW
RpcStringFreeW
UuidCreateSequential
secur32.dll

shell32.dll

shlwapi.dll

PathRemoveExtensionW
PathFindExtensionW
PathRemoveBackslashW
PathFindFileNameW
PathRenameExtensionW
PathIsDirectoryW
PathAddBackslashW
PathCombineW
PathIsRelativeW
PathAddExtensionW
PathRemoveFileSpecW
sqldk.dll
sqlos.dll

user32.dll

CharUpperW
MessageBoxA
CharNextExA
wsprintfW
MessageBoxW
userenv.dll

DestroyEnvironmentBlock
LoadUserProfileW
CreateEnvironmentBlock
winmm.dll

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
ws2_32.dll

WSARecv
WSAEnumNetworkEvents
WSASend
WSAConnect
WSAEventSelect
WSAStringToAddressA
WSAIoctl
WSAEnumProtocolsA
WSAAddressToStringA
Export Table
_getimallocformsxml@4
_getimallocformsxmlsql@4
_getiumsformsxml@4
_tlsgetvalueformsxmlsql@4
_tlsgetvaluesqlserver@4
_tlssetvalueexsqlserver@12
_tlssetvalueformsxmlsql@12
bufferpoolinfo
configptr
dmpgetclientexport
dmpremotedumprequest
localbrickidptr
numberofbricksptr
xegetapi