GoPhoto.it Toolbar

By CagedTech in Bad Toolbars

Threat Scorecard

Ranking:	6,115
Threat Level:	50 % (Medium)
Infected Computers:	13,435

First Seen:	January 16, 2014
Last Seen:	September 27, 2023
OS(es) Affected:	Windows

Table of Contents

File System Details

GoPhoto.it Toolbar may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	trz5502.tmp	d22004ffe80863fcf7f098b087b85956	1,406
Name: trz5502.tmp MD5: d22004ffe80863fcf7f098b087b85956 Size: 531.96 KB (531968 bytes) Detections: 1,406 Type: Temporary File Path: C:\Users\<username>\AppData\Local\GoPhoto.it\gophotoit\1.3.9.2\trz5502.tmp Group: Malware file Last Updated: December 13, 2020
2.	gophotoit.exe	6f99a209dbb14e3289124badbc2f055b	4
Name: gophotoit.exe MD5: 6f99a209dbb14e3289124badbc2f055b Size: 530.94 KB (530944 bytes) Detections: 4 Type: Executable File Path: %LOCALAPPDATA%\GoPhoto.it\gophotoit\1.3.9.0 Group: Malware file Last Updated: March 22, 2016

Registry Details

GoPhoto.it Toolbar may create the following registry entry or registry entries:

CLSID

{0DE47778-66B8-41B2-86C2-F451AFF2A4AA}

{1DCEDAB5-BEBD-414B-8DEC-9A096A7511D2}

{1FC66B3B-4036-4383-BF18-5449A0C40790}

{22C9E7CD-6489-4837-9E71-009D8DA42DB3}

{3DCDBCE2-D763-4BE2-BA9D-566D92BC41BE}

{4EB6BA31-D813-408B-9D39-957612F12C46}

{553F7328-C3DC-482F-AA8B-C7BC74CC9CC9}

{572E51CC-6813-4DE1-8E6D-61BC3FB7F610}

{643E37C9-C1E9-47FC-BE44-DB04187D6C45}

{68D143E1-9B19-4A8A-8B38-279CBF8E0787}

{740D72BE-DB85-492F-B8EC-EB2BED3C2E3B}

{76C29512-D3E3-4DFC-8955-CE0BCB9F81B2}

{79A426F0-C5F3-41EF-9DEF-B28C21B4D183}

{86027901-258C-47A8-942A-8555C05A361A}

{9D5FF795-D3A3-4374-BA58-253D125E4550}

{A433FB4B-64A8-4434-8247-DC291DF80149}

{AEA69B70-3505-43E3-B942-FAF9F5F528DD}

{AFFB4E10-4C15-48BD-803A-450162FE1CFC}

{B22CFB03-D7C2-46AA-97F9-EC23D5A735D5}

{BFE02A07-D626-4F8C-B0F2-6BB502FA2C8E}

{ED817034-E3B7-4F43-8954-21F54F8A4479}

HKEY..\..\..\..{RegistryKeys}

Software\AppDataLow\Software\TheGoPhoto.it V10

SOFTWARE\Classes\7cd785c0052c013240a20f6cdde3bdb00063313.BHO

SOFTWARE\Classes\7cd785c0052c013240a20f6cdde3bdb00063313.BHO.1

SOFTWARE\Classes\7cd785c0052c013240a20f6cdde3bdb00063313.Sandbox

SOFTWARE\Classes\7cd785c0052c013240a20f6cdde3bdb00063313.Sandbox.1

SOFTWARE\Classes\esrv.gophotoitESrvc

SOFTWARE\Classes\esrv.gophotoitESrvc.1

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\TheGoPhoto.it V10

SOFTWARE\Cool Mirage Ltd\gophotoit

Software\GoPhoto.it

Software\gophotoit.com

Software\InstalledBrowserExtensions\joep\63313

Software\Microsoft\Internet Explorer\Approved Extensions\{22C9E7CD-6489-4837-9E71-009D8DA42DB3}

Software\Microsoft\Internet Explorer\Approved Extensions\{76C29512-D3E3-4DFC-8955-CE0BCB9F81B2}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2170E99B-D858-4FBD-92C7-FAE5CCB12E3E}

Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311401168}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22C9E7CD-6489-4837-9E71-009D8DA42DB3}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{76C29512-D3E3-4DFC-8955-CE0BCB9F81B2}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22C9E7CD-6489-4837-9E71-009D8DA42DB3}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{76C29512-D3E3-4DFC-8955-CE0BCB9F81B2}

SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gophotoit

SOFTWARE\TheGoPhoto.it V10

SOFTWARE\Wow6432Node\Cool Mirage Ltd\gophotoit

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2170E99B-D858-4FBD-92C7-FAE5CCB12E3E}

Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311401168}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{76C29512-D3E3-4DFC-8955-CE0BCB9F81B2}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gophotoit

SOFTWARE\Wow6432Node\TheGoPhoto.it V10

Directories

GoPhoto.it Toolbar may create the following directory or directories:

%APPDATA%\Cool Mirage Ltd\gophotoit

%LOCALAPPDATA%\GoPhoto.it

%PROGRAMFILES%\Cool Mirage Ltd\gophotoit

%PROGRAMFILES%\GoPhoto.it V9.0

%PROGRAMFILES%\Gophoto.it

%PROGRAMFILES%\TheGoPhoto.it V10

%PROGRAMFILES(x86)%\Cool Mirage Ltd\gophotoit

%PROGRAMFILES(x86)%\GoPhoto.it V9.0

%PROGRAMFILES(x86)%\Gophoto.it

%PROGRAMFILES(x86)%\TheGoPhoto.it V10

%USERPROFILE%\AppData\LocalLow\Cool Mirage Ltd\gophotoit

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

GoPhoto.it Toolbar

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Directories

Submit Comment

Related Posts

Gophoto.it

Trending

PracticalRemote

Triovideo.ru

Elibe Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen