home

vntsrv.dll

Virtual New Tab

APN LLC.

This installer is part of the Ask.com (APN) network which will install the Ask.com branded toolbar or browser extension which will take control of the web browser's search functions. The module vntsrv.dll, “Virtual New Tab Server” has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the APN Stub installer, however the file is not signed with an authenticode signature from a trusted source. Additionally, the file is typically installed by a number of programs including Ask Toolbar by APN LLC and Virtual DJ Toolbar by APN, LLC, both potentially unwanted software.
Publisher:
APN LLC.

Product:
Virtual New Tab

Description:
Virtual New Tab Server

Version:
10.0.0.85

MD5:
bd93cd11b063146edcd7a081eff9b28e

SHA-1:
b09c00b84e97a7fade65e9fe622a88c5bf662e15

SHA-256:
f25d36708b8e3a68b0cac50e5538b090083ee69b9c7bbff0aba7602ceea62aa1

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/19/2024 9:58:54 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.APN.G
14.6.18.21

File size:
91.5 KB (93,696 bytes)

Product version:
10.0.0.85

Copyright:
(c) APN LLC. All rights reserved.

Original file name:
vntsrv.dll

File type:
Dynamic link library (Win32 DLL)

Installer:
APN Stub

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\vnt\vntsrv.dll

File PE Metadata
Compilation timestamp:
6/11/2014 9:46:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:5QcW+twvXdU7qKYweNXGc1aKLt7CkAzjdwAy6sE2HmfxNVpDV3:un1NUhYBrNJwjd3sE2GfxNVFV

Entry address:
0x6EC8

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A9, 4C, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 88, 8C, 01, 10, 00, 74, 05, E9, 00, 4D, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83...
 
[+]

Code size:
62 KB (63,488 bytes)

The file vntsrv.dll has been discovered within the following programs.

Ask Shopping Toolbar  by APN LLC
This is an Ask.com ad-injection toolbar that is bundled with various 3rd-party programs and installers. From the site: "The enhanced shopping search experience includes rich content, a variety of product listings, and visual product search results.
help.ask.com/link/portal/30015/30018/Article/227/What-features-does-the-Shopping-Toolbar-by-Ask-offer
79% remove it
Ask Toolbar  by APN LLC
The Ask Toolbar is a web browser extension and toolbar that delivers contextual based advertising as well as modify the user's web browser home and search pages to provide advertising and search.
apn.ask.com
74% remove it
Avira SearchFree Toolbar  by Avira GmbH
The Avira SearchFree Toolbar is a web browser toolbar and extension that modifies the browsers search and home pages as well as delivers contextual based advertising. This toolbar currently supports Internet Explorer, Firefox and Chrome.
www.avira.com/en/avira-searchfree-toolbar
76% remove it
KMP Media Toolbar  by APN LLC
KMP Media Toolbar is a web browser toolbar and extension that modifies the browsers search and home pages as well as delivers contextual based advertising. This toolbar currently supports Internet Explorer, Firefox and Chrome.
87% remove it
Sopcast Toolbar  by APN LLC
Sopcast Toolbar is a web browser toolbar and extension that modifies the browsers search and home pages as well as delivers contextual based advertising. This toolbar currently supports Internet Explorer, Firefox and Chrome.
79% remove it
Virtual DJ Toolbar  by APN, LLC
Virtual DJ Toolbar is an Ask.com (Ask Partner Network) Toolbar that will provide limited web browser functionality but will modify the user's home and search pages and providers to an Ask.com managed partner search engine.
68% remove it
 
Powered by Should I Remove It?

Remove vntsrv.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.