unlodctr.exe
- File Path:
C:\WINDOWS\SysWOW64\unlodctr.exe - Description: Unload PerfMon Counters
Hashes
| Type | Hash |
|---|---|
| MD5 | E1EF6F660B0867CFC98C64FEFED45D9D |
| SHA1 | 4352259FC8B441631EF735CA28639F03C4111A09 |
| SHA256 | D2C4AE7431CB0F950246D3A0935B6F349887A9373D61B968CAAE8F7439D4B191 |
| SHA384 | A852C7C75DB9D74667FCFA239714D446E3BB12247D686449B058E4AE85CECD80B39A14719A3A7403E032855A680F4FC5 |
| SHA512 | 738DECD2904CDF826A05047994C23E7CB08C74334DE28DD6EDA5930E1B15491C1D898B774845AAF8D76E21B6878A7506B42F99A1B7BF076738AD59040BBDAE68 |
| SSDEEP | 768:ZZlM8QYJY492sO/VUy2sj9umdhp7c7bd:nlM8nJY4sUy249uY77c7bd |
| IMP | AABCBB3AEDFED74CF0D872AB53C6F8F1 |
| PESHA1 | 2A0F111C90A4FF9D7AF353D3F677FE951815F863 |
| PE256 | 645D16B3FA293DD5A89703168E96E287A389D0E967E68822B1A2D043BED0F661 |
Runtime Data
Usage (stdout):
UNLODCTR
uninstalls a performance counter provider.
Usage:
UNLODCTR <service-name>
uninstalls the v1.0 performance counter provider associated
with the <service-name> service.
UNLODCTR /m:<manifest>
uninstall a v2.0 performance counter provider using the
provider GUID from the specified XML manifest.
UNLODCTR /g:{ProviderGuid}
uninstall a v2.0 performance counter provider using the
specified provider GUID. The GUID should be specified in
registry form, i.e. {nnnnnnnn-nnnn...}
UNLODCTR /p:<ProviderName>
uninstall a v2.0 performance counter provider matching the
specified provider name.
Note: any arguments with spaces in the names must be enclosed within double
quotation marks.
Loaded Modules:
| Path |
|---|
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\System32\wow64.dll |
| C:\WINDOWS\System32\wow64base.dll |
| C:\WINDOWS\System32\wow64con.dll |
| C:\WINDOWS\System32\wow64cpu.dll |
| C:\WINDOWS\System32\wow64win.dll |
| C:\WINDOWS\SysWOW64\unlodctr.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED - Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: UNLODCTR.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/d2c4ae7431cb0f950246d3a0935b6f349887a9373d61b968caae8f7439d4b191/detection
Additional Info*
*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.
unlodctr
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Removes Performance counter names and Explain text for a service or device driver from the system registry.
[!WARNING] Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
Syntax
unlodctr <drivername>
Parameters
| Parameter | Description |
|---|---|
<drivername> |
Removes the Performance counter name settings and Explain text for driver or service <drivername> from the Windows Server registry. If your <drivername> includes spaces, you must use quotation marks around the text, for example “Driver name”. |
| /? | Displays help at the command prompt. |
Examples
To remove the current Performance counter names and Explain text for the Simple Mail Transfer Protocol (SMTP) service, type:
unlodctr SMTPSVC
Additional References
MIT License. Copyright (c) 2020-2021 Strontic.