home

vntsrv.dll

Virtual New Tab

APN LLC.

This installer is part of the Ask.com (APN) network which will install the Ask.com branded toolbar or browser extension which will take control of the web browser's search functions. The module vntsrv.dll, “Virtual New Tab Server” has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the APN Stub installer, however the file is not signed with an authenticode signature from a trusted source.
Publisher:
APN LLC.

Product:
Virtual New Tab

Description:
Virtual New Tab Server

Version:
1.0.0.3013

MD5:
4b806bd48e36c53baf4283ffb3a14d76

SHA-1:
b6eeab89319c71607108c9c9ed9bae7ca4ceec62

SHA-256:
b104cad43b981f3d52e50134ab313df7fbd09367ff1c9c0afa9558d3792b13a2

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/27/2024 1:40:50 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.APN.G
14.3.6.0

File size:
198.9 KB (203,708 bytes)

Product version:
1.0.0.3013

Copyright:
(c) APN LLC. All rights reserved.

Original file name:
vntsrv.dll

File type:
Dynamic link library (Win32 DLL)

Installer:
APN Stub

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\vnt\vntsrv.dll

File PE Metadata
Compilation timestamp:
12/3/2013 11:46:36 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:Akx92ZlF3RgRP67uNxVmfxJzddSqKpnLquvjrl4MZSp6WjjuQ+0YKIO0dVIj:AkxkFhgRP67uNunjGnm0lXZOjyQDUdaj

Entry address:
0x1C000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 8B, C5, 81, ED, A8, A6, 01, 20, 2B, 85, 0F, AE, 01, 20, 89, 85, 0B, AE, 01, 20, B0, 00, 86, 85, 40, B0, 01, 20, 3C, 01, 0F, 85, BC, 01, 00, 00, 83, BD, 3B, AF, 01, 20, 00, 74, 33, 83, BD, 3F, AF, 01, 20, 00, 74, 2A, 8B, 85, 0B, AE, 01, 20, 2B, 85, 3B, AF, 01, 20, 8B, 00, 89, 85, 78, AF, 01, 20, 8B, 85, 0B, AE, 01, 20, 2B, 85, 3F, AF, 01, 20, 8B, 00, 89, 85, 7C, AF, 01, 20, EB, 61, 83, BD, 43, AF, 01, 20, 00, 74, 58, 8B, 85, 0B, AE, 01, 20, 2B, 85, 43, AF, 01, 20, FF, 30, 8D, 85...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
61 KB (62,464 bytes)

Remove vntsrv.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.