Unknown service

dockerthedog

Weaksauce
Joined
Feb 15, 2006
Messages
75
After being afflicted with the deactivation bug, I reinstalled Win 10 Pro before finding out it was a bug. No biggie as I needed to do it anyway. Now, while checking running services and processes, I noticed one named YellowProdSSF.exe. I've never seen it before that I can recall and google offers 0 returns. The service can't be stopped. This is the path.
C:\Program Files (x86)\Common Files\YellowProdSSF\YellowProdSSF.exe -service

Any ideas?
 
Is there signing info on the file, what other software do you have installed?
 
No signing info I can find and I used the Media Creation tool from Microsoft. Nothing special on software, Steam, Avast, and games from steam. I think I'm going to just do another reformat.
 
No signing info I can find and I used the Media Creation tool from Microsoft. Nothing special on software, Steam, Avast, and games from steam. I think I'm going to just do another reformat.
the system you are making the image on is clean, no malware?
 
It was a fresh reformat using a usb made with the media creation tool, downloaded from Microsoft. Only thing I've installed since is Steam, Avast free, and some steam games. I find it odd there are literally 0 returns for it on Google, well, this post is there now, but that's it. And drivers, Mobo from Asus and gpu from Nvidia
 
It was a fresh reformat using a usb made with the media creation tool, downloaded from Microsoft. Only thing I've installed since is Steam, Avast free, and some steam games. I find it odd there are literally 0 returns for it on Google, well, this post is there now, but that's it. And drivers, Mobo from Asus and gpu from Nvidia
yeah it is weird but I meant the computer you use to make the usb image is clean, not the one you are reloading. if you reload and its still there then I guess its part of the new image. and if you do only install windows and see if its there.
 
Yeah, it was clean as far as Avast was concerned. I just ran Malwarebytes and it hit on the file as Malware. Here's a bit of the log. No idea where the heck it came from. It's litterally a day old install and everything was downloaded from manufacturer sites, i.e. Nvidia, Asus, etc.

-Scan Details-
Process: 1
Adware.IStartSurf, C:\PROGRAM FILES (X86)\COMMON FILES\YELLOWPRODSSF\YELLOWPRODSSF.EXE, No Action By User, [635], [595711],1.0.7789

Module: 1
Adware.IStartSurf, C:\PROGRAM FILES (X86)\COMMON FILES\YELLOWPRODSSF\YELLOWPRODSSF.EXE, No Action By User, [635], [595711],1.0.7789

Registry Key: 3
PUP.Optional.SpecialSearchOffer.ShrtCln, HKU\S-1-5-21-3548051569-3773726782-4067284284-1001\SOFTWARE\SpecialSearchOffer, No Action By User, [5516], [405205],1.0.7789
Adware.IStartSurf, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\YellowProdSSF, No Action By User, [635], [595711],1.0.7789
Adware.SearchProvide, HKU\S-1-5-21-3548051569-3773726782-4067284284-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mpicjgpamgcnpiacdciefbgahmkhhogc, No Action By User, [356], [500746],1.0.7789

Registry Value: 1
Adware.SearchProvide, HKU\S-1-5-21-3548051569-3773726782-4067284284-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|mpicjgpamgcnpiacdciefbgahmkhhogc, No Action By User, [356], [500746],1.0.7789

Registry Data: 0
(No malicious items detected)
 
Well, Malwarebytes seems to have gotten it. It's no longer running in services and the folder is now gone. Still going to reformat cause I never trust these cleaner programs :)
 
huh. there ya go. maybe its something goofy in the asus stuff or a malicious in-page ad.
 
Not sure. I'd like to think a manufacturers page is safe. Ugh, such a pain to reformat. I still stick to the only the destination hdd (well, M.2) and a single video card adding the rest of the crap, second 1070, game SSD's and storage Hdd, later. Then installing drivers one at a time. I really need to be more active one here!
 
Back
Top