Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Fraud.SoftCop

  1. #1
    Junior Member
    Join Date
    Jul 2009
    Posts
    2

    Default Fraud.SoftCop

    Since the last update (Oct. 28, 2009) TeaTimer identifies a C:Windows\System32 file - ibmpmsvc.exe - as Fraud.SoftCop. This file is part of Thinkpad's power management and one I need to keep.

    When TeaTimer catches the file, the teatimer window does not let me run or keep the file. It will only allow me to terminate and delete the file.

    I've excluded Fraud.SoftCop from the product exclusion list. But this does not seem the right way to deal with the problem.
    How do I exclude this specific file?

  2. #2
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Quote Originally Posted by rcfc1 View Post
    Since the last update (Oct. 28, 2009) TeaTimer identifies a C:Windows\System32 file - ibmpmsvc.exe - as Fraud.SoftCop. This file is part of Thinkpad's power management and one I need to keep.

    When TeaTimer catches the file, the teatimer window does not let me run or keep the file. It will only allow me to terminate and delete the file.

    I've excluded Fraud.SoftCop from the product exclusion list. But this does not seem the right way to deal with the problem.
    How do I exclude this specific file?
    I can confirm that there is a false positive with Fraud.SoftCop.
    For TeaTimer you can set the file to be allowed permanently if TeaTimer asks.
    • uncheck "Delete the associated file"
    • select "Allow this process to run" and click ok

    This will add the file to the allowed processes within TeaTimer and is active until removed.
    Allowing ibmpmsvc.exe should not cause any problems later.

    A fix for this false positive will be released soon, you will need to restart the TeaTimer after the update.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  3. #3
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Update is online and is dated 2009-10-29, remember to restart the TeaTimer after the update.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  4. #4
    annieK
    Guest

    Default Fraud.SoftCop--uedos32.exe--where to "deleted"?

    Quote Originally Posted by rcfc1 View Post
    Since the last update (Oct. 28, 2009) TeaTimer identifies a C:Windows\System32 file - ibmpmsvc.exe - as Fraud.SoftCop. This file is part of Thinkpad's power management and one I need to keep.
    ...
    Hi, encountered similar after last update, detecting uedos32.exe (part of UltraEdit, that worked for years) as "Fraud.SoftCop".

    After ignoring *many* warnings, found the file deleted, maybe by I wrong click by me:
    *Where* SpyBot could move it? (couldn't find it through GUI)

  5. #5
    Junior Member
    Join Date
    Oct 2009
    Posts
    1

    Default

    RSSowl (news reader http://www.rssowl.org ) is also reported as Fraud.SoftCop

    2009-10-29 10:47:30 Encountered and terminated Fraud.SoftCop in C:\Program Files\rssowl\RSSOwl.exe!

  6. #6
    annieK
    Guest

    Default fixed

    can confirm it's fixed

  7. #7
    Junior Member
    Join Date
    Oct 2009
    Posts
    7

    Default How to restart Teatimer

    How does one restart Teatimer? I just did "Exit Spybot S&D" from the toolbar/tray thing. Is that what you mean?

    Also, PDF995 had the same problem with claiming to have Fraud.SoftCop.

    Quote Originally Posted by Yodama View Post
    Update is online and is dated 2009-10-29, remember to restart the TeaTimer after the update.

  8. #8
    annieK
    Guest

    Default

    Quote Originally Posted by Wilkins View Post
    How does one restart Teatimer? I just did "Exit Spybot S&D" from the toolbar/tray thing. Is that what you mean?
    I just wanted to confirm the SpyBot guys, that the update of 29th worked for me (wrong false with Fraud.SoftCop using UltraEdit is fixed).

    Restart was needed, yes.

  9. #9
    Junior Member
    Join Date
    Nov 2009
    Posts
    1

    Default

    Yea, I just had it give me this same false warning for installing Aptana.

    I'm just letting it run against the recommendation. I know Aptana is not trying to spy on me . .

  10. #10
    Junior Member
    Join Date
    Nov 2009
    Posts
    1

    Default

    Hi there,
    This is my first post in this forum & this seems like the right thread to post my question in. I have also had a false positive for Fraud.Softcop, in my case it picked up photoshopserver.exe as the malware. I went ahead & let SBSD block & delete the file/process without realising what the process was. In this case photoshopserver.exe allows Premiere Pro CS4 to import/recognise Photoshop PSD files. After letting SBSD delete this, I can no longer import PSD's into PPRO.

    My question for the experts here is, is there any way to restore that file from Spybot without having to reinstall PPRO?

    Cheers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •