Y2Go

Y2Go Description

Y2Go is a potentially unwanted program that may offer methods for monitoring or viewing web traffic. The Y2Go may be offered as an add-on component for popular web browser programs where it may be somewhat intrusive with its actions and display of pop-up features or even advertisements. In most cases, Y2Go is loaded due to the installation of third party apps, freeware or bundled apps downloaded from the Internet.

The monitoring actions of Y2Go may posse somewhat questionable action for many computer users. Due to the uncertainty of Y2Go’s actions, some computer users will want to eliminate the Y2Go program and discontinue use of its offered features and functions. Those wishing to discontinue use of Y2Go may do so by either using an antimalware tool or going through the Internet settings of popular web browser programs.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Y2Go may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%LOCALAPPDATA%\MicrosoftHelper\bin\Y2Go.exe File name: Y2Go.exe
Size: 2.33 MB (2330592 bytes)
MD5: 246c1fd08f967caba7f9c38c1e925dfd
Detection count: 103
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\MicrosoftHelper\bin\
Group: Malware file
Last Updated: June 30, 2018
%LOCALAPPDATA%\MicrosoftHelper\bin\pt.exe File name: pt.exe
Size: 287.71 KB (287712 bytes)
MD5: 522e22da39cd8a6e2624781f773f464c
Detection count: 35
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\MicrosoftHelper\bin\
Group: Malware file
Last Updated: April 21, 2017
%LOCALAPPDATA%\MicrosoftHelper\bin\UrlHandler.exe File name: UrlHandler.exe
Size: 346.08 KB (346080 bytes)
MD5: eff9d632fa74f3c4a3ba008fed220493
Detection count: 35
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\MicrosoftHelper\bin\
Group: Malware file
Last Updated: April 21, 2017
%LOCALAPPDATA%\MicrosoftHelper\bin\WebControl.exe File name: WebControl.exe
Size: 367.07 KB (367072 bytes)
MD5: f7460a8c3c6a68831794b53f8c00f792
Detection count: 12
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\MicrosoftHelper\bin\
Group: Malware file
Last Updated: April 21, 2017
%LOCALAPPDATA%\OneDrive\bin\OneDrive.exe File name: OneDrive.exe
Size: 2.79 MB (2790744 bytes)
MD5: bfa7f99cdafac32286fbb63a9fe50133
Detection count: 9
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\OneDrive\bin\
Group: Malware file
Last Updated: October 27, 2017
%LOCALAPPDATA%\OneDriveUpdater\updater.exe File name: updater.exe
Size: 1.97 MB (1974616 bytes)
MD5: 16c139656834deb58c2b50a71db27249
Detection count: 5
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\OneDriveUpdater\
Group: Malware file
Last Updated: October 27, 2017
%LOCALAPPDATA%\OneDriveUpdater\taskutil.exe File name: taskutil.exe
Size: 264.53 KB (264536 bytes)
MD5: 6c6ff6732abe44ad6435885e18f568bf
Detection count: 5
File type: Executable File
Mime Type: application/octet-stream
Path: %LOCALAPPDATA%\OneDriveUpdater\
Group: Malware file
Last Updated: October 27, 2017

Registry Modifications


The following newly produced Registry Values are:

Directory%LOCALAPPDATA%\MicrosoftHelper%LOCALAPPDATA%\OneDriveUpdater%PROGRAMFILES%\Y2Go%PROGRAMFILES(x86)%\Y2Go%USERPROFILE%\Local Settings\Application Data\MicrosoftHelper%UserProfile%\Local Settings\Application Data\OneDriveUpdater%WINDIR%\System32\Tasks\Y2GoHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Y2GoRegistry keySoftware\Microsoft\SystemCertificates\CA\Certificates\E478E08FA7CA554530E27AEDC9AB9EE58C259788SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Y2GoSoftware\Y2GoRegexp file mask%LOCALAPPDATA%\MicrosoftHelper\CertificateService.exe
Posted: April 17, 2017
Threat Metric
Threat Level: 1/10
Infected PCs 1,391

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.