We help IT Professionals succeed at work.

Need to know if a particular version of ntsvc.ocx is OK or not

Hi, I've got this file ntsvc.ocx.
I need to know if it is OK and does not contain malicious code.
I've gone through hundreds of searches and I don't really find a trustworthy source to give me assurance that the file is OK and none that tells me it's malware.

Although it may be used by malicious programs, I need to know if this particulare ntsvc.ocx itself contains malicious code.

Here are the MD5 and SHA1 footprints of the flie:
MD5: 623eb10ca0eb3bd2f10fc1e0e78a0941 ntsvc.ocx
SHA-1: 52a120192ae8485e6bfaf39488a65ed3d7a07740 ntsvc.ocx

It's possible get the OCX here : http://montgomerysoftware.com/downloads/ntsvc.zip
Watch Question

NTsvc.ocx allows Visual Basic programs to run as a service under Windows NT. It is not provided by Microsoft in a compiled format so there is really no way to verify whether the version you have is Kosher or not because different compilers are going to produce different files, but both will do exactly the same thing.

The file was probably placed on your system by some Visual Basic application that wants to run as a service. Do you remember installing some old software on your system? Do you have any software on your system which you use often / daily which you know is written in Visual Basic?

If you got the file from the Montgomery Software site then it seems that the file itself is probably Okay and would not be a corrupt file. However, that does not mean that there is not some Visual Basic program on your system using ntsvc.ocx to run itself as a Service under Windows so you would never normally see that it is actually running.

An easy way to do a diagnostic test would be to rename ntsvc.ocx to ntsvc.ocx.hide - this way no other applications that want to call it will be able to see it. Reboot your system and see if everything runs fine. Check and make sure that ntsvc.ocx.hide is still named ntsvc.ocx.hide - if a new ntsvc.ocx file has appeared then you have problems. If something stops working then it was possibly / probably dependent on ntsvc.ocx and if this is something you want you should change ntsvc.ocx.hide back to ntsvc.ocx.

A good software to have on your system to see if you have any Malware on your system is a bandwidth monitor. This is especially helpful if you are using a modem because you can actually see the data coming into your machine and it gives you something to watch when you are waiting or lets you know that nothing is coming in so you don't wait in vain. This will help you watch your bandwidth usage and will also be the best way to alert you to Spyware on your system that should not be there. Spyware / Malware is designed to take over your computer and when it does it makes liberal use of your bandwidth to send out SPAM or to perform DDOS attacks or other bad things. If you are not using a web browser or any other Internet applications but you see your bandwidth spiking you will know something is wrong. Without a bandwidth monitor you will never know this is happening. I use DU Meter:


But there are a bunch of free ones out there like:



It is here stated with the same MD5 as you have. However, they are not sure of its being safe or not:



Explore More ContentExplore courses, solutions, and other research materials related to this topic.