Bitlord Toolbar

Posted: December 30, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	8,290
Threat Level:	5/10
Infected PCs:	3,145

First Seen:	December 30, 2013
Last Seen:	September 16, 2023
OS(es) Affected:	Windows

The Bitlord Toolbar is a browser add-on that is typically installed by the Bitlord torrent client. Although the associated Bitlord company has been found to have a history of suspicious business behavior, the Bitlord Toolbar isn't considered a threat but may show advertisements in your browser. Adware just like the Bitlord Toolbars may be origin points for a range of minor security and performance problems, and malware analysts would say that removing the Bitlord Toolbar is the right thing to do in any circumstance that isn't highly unusual. Until its complete deletion, the Bitlord Toolbar may put your PC at risk for phishing hoaxes and other attacks that are known to use the advertising rings that are popular amongst adware.

The Toolbar that Lords Over Your Browser

The Bitlord Toolbar is bundled with Bitlord, a general purpose file-uploading and downloading utility, presumably as a way of financing Bitlord's development. Although there are, obviously, alternative file distribution programs that don't include bundled adware, the Bitlord Toolbar only is a Potentially Unwanted Program and doesn't need to be considered as damaging as other type of threats.

Malware researchers have determined the bulk of the Bitlord Toolbar's advertising functions to be concerned with injecting their advertisements into your Web browser, rather than loading separate pop-up windows or hijacking your homepage (for examples of alternative advertising schemes). These injected advertisements should be identified as being from the Bitlord Toolbar, but may change the affected Web page's format in ways that make some of its content inaccessible. The Bitlord Toolbar also may cause performance problems, and, as usual, malware researchers are forced to consider the Bitlord Toolbar, like all adware, as a minor security hazard. The last point is due, in large part, to the fact that viewers can't block its advertisements without removing the actual toolbar, which forces potential exposure to corrupted or misleading advertising subject matter.

Examining the Tin Foil on this Bitlord's Crown

If the Bitlord Toolbar is analyzed in isolation from its company, the Bitlord Toolbar is another forgettable brand of adware. However, the Bitlord product's company has a confirmed history of making false marketing claims, such as claiming to promote open-source software without providing the relevant source code. These kinds of misleading marketing habits often are symptomatic of companies that aren't interested in the safety of their user bases and give malware researchers another good reason to recommend avoiding contact with the Bitlord Toolbar's advertisements.

If you've installed Bitlord and find yourself wanting to uninstall the Bitlord Toolbar that comes with it, consider using anti-malware or anti-adware products for the process. Deleting a Bitlord Toolbar, or, for that matter, most other kinds of adware through standard methods often fails to remove all of the components of the related adware. This may cause lingering browser performance issues, unusual pop-up errors and other problems.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{RegistryKeys}Software\AppDataLow\Software\BitlordSoftware\AppDataLow\Toolbar\RegisteredSources\CT1640187SOFTWARE\BitlordSOFTWARE\Classes\Toolbar.CT1640187Software\Microsoft\Internet Explorer\Approved Extensions\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Bitlord_brch.exeSoftware\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Bitlord_brff.exeSoftware\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Bitlord_brie.exeSoftware\Microsoft\Internet Explorer\Toolbar\WebBrowser\{63EE0F5C-B56A-4ECF-B209-45FDCBFCAF45}SOFTWARE\Microsoft\Internet Explorer\Toolbar\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}Software\Microsoft\Internet Explorer\URLSearchHooks\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{63EE0F5C-B56A-4ECF-B209-45FDCBFCAF45}SOFTWARE\Wow6432Node\BitlordSOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{63ee0f5c-b56a-4ecf-b209-45fdcbfcaf45}

Additional Information

The following directories were created:

%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\nbalkgdkgcjejpejabpmlagbagokeeop%LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Extension Settings\nbalkgdkgcjejpejabpmlagbagokeeop%LOCALAPPDATA%\Google\Chrome\User Data\Default\databases\chrome-extension_nbalkgdkgcjejpejabpmlagbagokeeop_0%LOCALAPPDATA%\NativeMessaging\CT1640187%USERPROFILE%\AppData\LocalLow\Bitlord%USERPROFILE%\Application Data\Bitlord