vntsrv.dll

Virtual New Tab

APN LLC.

The module vntsrv.dll, “Virtual New Tab Server” has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including Ask Toolbar by APN LLC and Virtual DJ Toolbar by APN, LLC, both potentially unwanted software.
Publisher:
APN LLC.

Product:
Virtual New Tab

Description:
Virtual New Tab Server

Version:
9.9.9.9

MD5:
3084d842e166d304e62a686e48f1d293

SHA-1:
caf61f4a221468d01234eeb45843ae5d5db3906b

SHA-256:
5cea217ee8d1fdae3f5e475c22a5dc16f38d2560c4ac11b948fd69b14a6389fd

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
3/22/2014 1:10:59 PM UTC  (six months ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.APN.G
14.3.22.9

File size:
91 KB (93,184 bytes)

Product version:
9.9.9.9

Copyright:
(c) APN LLC. All rights reserved.

Original file name:
vntsrv.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\askpartnernetwork\toolbar\plt2-v7\source\Program Files\vnt\vntsrv.dll

File PE Metadata
Compilation timestamp:
3/17/2014 3:51:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:HPMmZ9WpVE8cUWgF8q6CnzadkCNk12Ty24btBl4fx2DyFrA:vHvWLE8cUtkCVChOhBl4fx2DylA

Entry address:
0x6E38

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 9D, 4C, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 68, 8C, 01, 10, 00, 74, 05, E9, F4, 4C, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83...
 
[+]

Entropy:
6.2400

Code size:
61.5 KB (62,976 bytes)

The file vntsrv.dll has been discovered within the following programs.

Ask Toolbar  by APN LLC
The Ask Toolbar is a web browser extension and toolbar that delivers contextual based advertising as well as modify the user's web browser home and search pages to provide advertising and search.
apn.ask.com
74% remove it
KMP Media Toolbar  by APN LLC
KMP Media Toolbar is a web browser toolbar and extension that modifies the browsers search and home pages as well as delivers contextual based advertising. This toolbar currently supports Internet Explorer, Firefox and Chrome.
87% remove it
Virtual DJ Toolbar  by APN, LLC
Virtual DJ Toolbar is an Ask.com (Ask Partner Network) Toolbar that will provide limited web browser functionality but will modify the user's home and search pages and providers to an Ask.com managed partner search engine.
68% remove it
 
Powered by Should I Remove It?

There are 11 known variations of vntsrv.dll by APN LLC..

2 / 68      (Adware)
vntsrv.dll  10.0.0.1064  (b76102ad98c8783ce70ae7ce56205fe0bec9eb2f)

1 / 68      (Adware)
vntsrv.dll  10.0.0.85  (b09c00b84e97a7fade65e9fe622a88c5bf662e15)

1 / 68      (Adware)
vntsrv.dll  1.4.0.4927  (fb990ccf2116ec881707e877db1320541c1a91f7)

1 / 68      (Adware)
vntsrv.dll  1.3.0.335  (dc9febe1f923953e71bc205a8eb861b9dd47b029)

48 / 68    (Adware)
vntsrv.dll  1.2.0.3294  (b69b09d0636fdc25bbeca097c2173568132677ad)

1 / 68      (Adware)
vntsrv.dll  1.2.0.3294  (73606da5234f9c17719e0ceba1a482683615c181)

1 / 68      (Adware)
vntsrv.dll  1.0.0.3013  (c093a668d870070a8ffdd4085cecb226d54ef136)

1 / 68      (Adware)
vntsrv.dll  1.0.0.3013  (b6eeab89319c71607108c9c9ed9bae7ca4ceec62)

1 / 68      (Adware)
vntsrv.dll  1.0.0.3013  (97135dc89065caf20fd76047f922ebc04dcd0051)

1 / 68      (Adware)
vntsrv.dll  1.0.0.2315  (a5b5bb2a3b5db39d13da7c5ac2bee02e42e23e5f)

1 / 68      (Adware)
vntsrv.dll  1.0.0.2248  (1ba09325b4d1b4c2318965024f884932b94f4573)

2 / 68      (PUP)
vntldr.exe  (7ac6f7e3b4791f837d5caee5721052bd2ad1c59e)

Detection Incidence by Country