Is There Malware in SPSS ver 24

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Is There Malware in SPSS ver 24

Mike
So I was doing my yearly computer systems scan today
and out of 5 million or so files that were examined only
one turn out to have a problem.  The file was

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

and System Mechanic Pro found the follow Trojan program

Java/Agent.BHW
(Java version of Agent.BHW)

I have searched the web for Agent.BHW and found very little
on this but the MALtiverse website did have info which suggests
that it may be a nasty thing; see:


So, Jon or any of the other SPSS Co folks (former or current),
is this a real problem or a mis-identification?

BTW, I'm running on a Win 10 machine if that  matters and
I got the copy through NYU's connection to onthehub.com
(which means it should be legit)?

-Mike Palij
New York University



===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Jon Peck
If there is a virus in it, it certainly was not there when it was shipped.  That is the main UI code file for Statistics 24.  On my system it is 14,000,557 bytes.  Yours might be a little different depending on service packs.

I suggest that you run Windows Defender on it to see what it says.

On Mon, Jul 9, 2018 at 6:18 PM Michael Palij <[hidden email]> wrote:
So I was doing my yearly computer systems scan today
and out of 5 million or so files that were examined only
one turn out to have a problem.  The file was

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

and System Mechanic Pro found the follow Trojan program

Java/Agent.BHW
(Java version of Agent.BHW)

I have searched the web for Agent.BHW and found very little
on this but the MALtiverse website did have info which suggests
that it may be a nasty thing; see:


So, Jon or any of the other SPSS Co folks (former or current),
is this a real problem or a mis-identification?

BTW, I'm running on a Win 10 machine if that  matters and
I got the copy through NYU's connection to onthehub.com
(which means it should be legit)?

-Mike Palij
New York University



===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


--
Jon K Peck
[hidden email]

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Salbod
In reply to this post by Mike

Dear Michael, Thanks for the heads up. I recommend onthehub to students. It would be nice to know the source of the malware you detected. –Steve

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Michael Palij
Sent: Monday, July 09, 2018 8:18 PM
To: [hidden email]
Subject: Is There Malware in SPSS ver 24

 

So I was doing my yearly computer systems scan today

and out of 5 million or so files that were examined only

one turn out to have a problem.  The file was

 

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

 

and System Mechanic Pro found the follow Trojan program

 

Java/Agent.BHW

(Java version of Agent.BHW)

 

I have searched the web for Agent.BHW and found very little

on this but the MALtiverse website did have info which suggests

that it may be a nasty thing; see:

 

 

So, Jon or any of the other SPSS Co folks (former or current),

is this a real problem or a mis-identification?

 

BTW, I'm running on a Win 10 machine if that  matters and

I got the copy through NYU's connection to onthehub.com

(which means it should be legit)?

 

-Mike Palij

New York University

 

 

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Mike
Steve,

A few things to keep in mind:

(1)  The file in question (Java version of Agent.BHW) needs additional documentation
as to what it actually does (both good and bad).  I found it after using SPSS v24
for a year during which I did not see any problems.  However, the file may not have
been intended to muck up a system but to collect various pieces of info (e.g., logins
and passwords for websites, etc.). I'm familiar with all of the different types of
malware but I think certain Advert presentation progs are considered malware
because it collects user's info without the user's knowledge.  For SPSS, especially
public computers, perhaps someone does want to know what files it is accessing
and where (if that is what Agent.BHW does) though this may be the system admin
and not the end user who might not want such info to be shared.  This raises the
question of what Agent.BHW is supposed to do.  Since it seems to be in the User
Interface for SPSS Statistics, it would seem that plays some basic role.  But what
is it.

(2)  Examining sources on the Web I have come to two conclusions:

(a)  not all anti-virus/security software detect all malware -- apparently F-prot
and Cygen detect Agent.BHW (I used Iollo's System Mechanic) but other progs do
not.  Is this because it is considered not to be malware by the software or does
it hides itself better from other software?

(b)  The webpage by MALtiverse suggests that Agent.BHW is pretty nasty
but (a) does not provide much info on this, and (b) it seems really difficult
to find info on the nastiness elsewhere.  I thought that there should be some
info on Wikipedia but the closest I came was an entry on Agent.AFW; see:


It is unclear if Agent.BHW is a variant of Agent.AWF (Wiki explains the
nastiness one can expect with Agent.AWF across versions of Windows;
System Mechanic identifies Agent.BHW as being a Trojan prog which
puts it in the same "class" of malware as Agent.AWF) or a completely
different animal.

I'm a little surprised at how little info there seems to be about Agent.BHW
(Agent.AWF appears to be old, obsolete software; is Agent.BHW the
next/later generation?) either as a utility or as malware.  It may be in
limited use and/or it is a form of proprietary software that the owners
don't want to advertise. It would be helpful who is knowledgeable about
Agent.BHW chimed in about it.  In the meantime "Don't Panic!" ;-)

-Mike Palij
New York University






On Tue, Jul 10, 2018 at 9:40 AM, Salbod, Mr. Stephen <[hidden email]> wrote:

Dear Michael, Thanks for the heads up. I recommend onthehub to students. It would be nice to know the source of the malware you detected. –Steve

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Michael Palij
Sent: Monday, July 09, 2018 8:18 PM
To: [hidden email]
Subject: Is There Malware in SPSS ver 24

 

So I was doing my yearly computer systems scan today

and out of 5 million or so files that were examined only

one turn out to have a problem.  The file was

 

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

 

and System Mechanic Pro found the follow Trojan program

 

Java/Agent.BHW

(Java version of Agent.BHW)

 

I have searched the web for Agent.BHW and found very little

on this but the MALtiverse website did have info which suggests

that it may be a nasty thing; see:

 

 

So, Jon or any of the other SPSS Co folks (former or current),

is this a real problem or a mis-identification?

 

BTW, I'm running on a Win 10 machine if that  matters and

I got the copy through NYU's connection to onthehub.com

(which means it should be legit)?

 

-Mike Palij

New York University

 

 

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Jon Peck
Let's be clear.  The SPSSClientUI.jar file in V24 as shipped by IBM consists of 6771 files, but Agent.BHW is NOT one of them.  So this file must have been inserted in Mike's jar file after installation.  You can open this jar file in WinZip, IZArc, or equivalents and see for yourself.  It is unlikely that onthehub is distributing a contaminated version, but installing Statistics on a known noncontaminated system and looking at this file would be definitive.

Official builds of SPSS Statistics and other IBM products are done on secure systems that are regularly checked for malware, and shipped product versions are also checked before they go into distribution.

Quoting from a website on this trojan...

How did Win32:Agent-BHW get on my Computer?

Like other trojans, Win32:Agent-BHW gains entry through source programs carrying a trojan payload that you unknowingly install. Common sources of such programs are:

  • Malicious websites designed specifically to inject Trojans
  • Legitimate websites infected with Trojans
  • Email attachments
  • Fake updates presented for installed software
  • Peer-to-peer sharing software
  • Malicious video players and codecs
  • Free downloadable games
  • Chat software
  • IRC channels
  • Social media links pointing to infected files or websites


On Tue, Jul 10, 2018 at 8:16 AM Michael Palij <[hidden email]> wrote:
Steve,

A few things to keep in mind:

(1)  The file in question (Java version of Agent.BHW) needs additional documentation
as to what it actually does (both good and bad).  I found it after using SPSS v24
for a year during which I did not see any problems.  However, the file may not have
been intended to muck up a system but to collect various pieces of info (e.g., logins
and passwords for websites, etc.). I'm familiar with all of the different types of
malware but I think certain Advert presentation progs are considered malware
because it collects user's info without the user's knowledge.  For SPSS, especially
public computers, perhaps someone does want to know what files it is accessing
and where (if that is what Agent.BHW does) though this may be the system admin
and not the end user who might not want such info to be shared.  This raises the
question of what Agent.BHW is supposed to do.  Since it seems to be in the User
Interface for SPSS Statistics, it would seem that plays some basic role.  But what
is it.

(2)  Examining sources on the Web I have come to two conclusions:

(a)  not all anti-virus/security software detect all malware -- apparently F-prot
and Cygen detect Agent.BHW (I used Iollo's System Mechanic) but other progs do
not.  Is this because it is considered not to be malware by the software or does
it hides itself better from other software?

(b)  The webpage by MALtiverse suggests that Agent.BHW is pretty nasty
but (a) does not provide much info on this, and (b) it seems really difficult
to find info on the nastiness elsewhere.  I thought that there should be some
info on Wikipedia but the closest I came was an entry on Agent.AFW; see:


It is unclear if Agent.BHW is a variant of Agent.AWF (Wiki explains the
nastiness one can expect with Agent.AWF across versions of Windows;
System Mechanic identifies Agent.BHW as being a Trojan prog which
puts it in the same "class" of malware as Agent.AWF) or a completely
different animal.

I'm a little surprised at how little info there seems to be about Agent.BHW
(Agent.AWF appears to be old, obsolete software; is Agent.BHW the
next/later generation?) either as a utility or as malware.  It may be in
limited use and/or it is a form of proprietary software that the owners
don't want to advertise. It would be helpful who is knowledgeable about
Agent.BHW chimed in about it.  In the meantime "Don't Panic!" ;-)

-Mike Palij
New York University






On Tue, Jul 10, 2018 at 9:40 AM, Salbod, Mr. Stephen <[hidden email]> wrote:

Dear Michael, Thanks for the heads up. I recommend onthehub to students. It would be nice to know the source of the malware you detected. –Steve

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Michael Palij
Sent: Monday, July 09, 2018 8:18 PM
To: [hidden email]
Subject: Is There Malware in SPSS ver 24

 

So I was doing my yearly computer systems scan today

and out of 5 million or so files that were examined only

one turn out to have a problem.  The file was

 

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

 

and System Mechanic Pro found the follow Trojan program

 

Java/Agent.BHW

(Java version of Agent.BHW)

 

I have searched the web for Agent.BHW and found very little

on this but the MALtiverse website did have info which suggests

that it may be a nasty thing; see:

 

 

So, Jon or any of the other SPSS Co folks (former or current),

is this a real problem or a mis-identification?

 

BTW, I'm running on a Win 10 machine if that  matters and

I got the copy through NYU's connection to onthehub.com

(which means it should be legit)?

 

-Mike Palij

New York University

 

 

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


--
Jon K Peck
[hidden email]

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Timothy Hennigar-2

What about installing the extensions? All these from the HUB are also verified virus free?

 

 

 

Thanks!

 

*********************************

Notice: This e-mail and any attachments may contain confidential and privileged information.  If you are not the intended recipient, please notify the sender immediately by return e-mail, do not use the information, delete this e-mail and destroy any copies.  Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.  Email transmissions cannot be guaranteed to be secure or error free. The sender therefore does not accept any liability for errors or omissions in the contents of this message that arise as a result of email transmissions.

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Jon Peck
Sent: Tuesday, July 10, 2018 12:14 PM
To: [hidden email]
Subject: Re: Is There Malware in SPSS ver 24

 

Let's be clear.  The SPSSClientUI.jar file in V24 as shipped by IBM consists of 6771 files, but Agent.BHW is NOT one of them.  So this file must have been inserted in Mike's jar file after installation.  You can open this jar file in WinZip, IZArc, or equivalents and see for yourself.  It is unlikely that onthehub is distributing a contaminated version, but installing Statistics on a known noncontaminated system and looking at this file would be definitive.

 

Official builds of SPSS Statistics and other IBM products are done on secure systems that are regularly checked for malware, and shipped product versions are also checked before they go into distribution.

 

Quoting from a website on this trojan...

 

How did Win32:Agent-BHW get on my Computer?

Like other trojans, Win32:Agent-BHW gains entry through source programs carrying a trojan payload that you unknowingly install. Common sources of such programs are:

·         Malicious websites designed specifically to inject Trojans

·         Legitimate websites infected with Trojans

·         Email attachments

·         Fake updates presented for installed software

·         Peer-to-peer sharing software

·         Malicious video players and codecs

·         Free downloadable games

·         Chat software

·         IRC channels

·         Social media links pointing to infected files or websites

 

 

On Tue, Jul 10, 2018 at 8:16 AM Michael Palij <[hidden email]> wrote:

Steve,

 

A few things to keep in mind:

 

(1)  The file in question (Java version of Agent.BHW) needs additional documentation

as to what it actually does (both good and bad).  I found it after using SPSS v24

for a year during which I did not see any problems.  However, the file may not have

been intended to muck up a system but to collect various pieces of info (e.g., logins

and passwords for websites, etc.). I'm familiar with all of the different types of

malware but I think certain Advert presentation progs are considered malware

because it collects user's info without the user's knowledge.  For SPSS, especially

public computers, perhaps someone does want to know what files it is accessing

and where (if that is what Agent.BHW does) though this may be the system admin

and not the end user who might not want such info to be shared.  This raises the

question of what Agent.BHW is supposed to do.  Since it seems to be in the User

Interface for SPSS Statistics, it would seem that plays some basic role.  But what

is it.

 

(2)  Examining sources on the Web I have come to two conclusions:

 

(a)  not all anti-virus/security software detect all malware -- apparently F-prot

and Cygen detect Agent.BHW (I used Iollo's System Mechanic) but other progs do

not.  Is this because it is considered not to be malware by the software or does

it hides itself better from other software?

 

(b)  The webpage by MALtiverse suggests that Agent.BHW is pretty nasty

but (a) does not provide much info on this, and (b) it seems really difficult

to find info on the nastiness elsewhere.  I thought that there should be some

info on Wikipedia but the closest I came was an entry on Agent.AFW; see:

 

 

It is unclear if Agent.BHW is a variant of Agent.AWF (Wiki explains the

nastiness one can expect with Agent.AWF across versions of Windows;

System Mechanic identifies Agent.BHW as being a Trojan prog which

puts it in the same "class" of malware as Agent.AWF) or a completely

different animal.

 

I'm a little surprised at how little info there seems to be about Agent.BHW

(Agent.AWF appears to be old, obsolete software; is Agent.BHW the

next/later generation?) either as a utility or as malware.  It may be in

limited use and/or it is a form of proprietary software that the owners

don't want to advertise. It would be helpful who is knowledgeable about

Agent.BHW chimed in about it.  In the meantime "Don't Panic!" ;-)

 

-Mike Palij

New York University

 

 

 

 

 

 

On Tue, Jul 10, 2018 at 9:40 AM, Salbod, Mr. Stephen <[hidden email]> wrote:

Dear Michael, Thanks for the heads up. I recommend onthehub to students. It would be nice to know the source of the malware you detected. –Steve

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Michael Palij
Sent: Monday, July 09, 2018 8:18 PM
To: [hidden email]
Subject: Is There Malware in SPSS ver 24

 

So I was doing my yearly computer systems scan today

and out of 5 million or so files that were examined only

one turn out to have a problem.  The file was

 

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

 

and System Mechanic Pro found the follow Trojan program

 

Java/Agent.BHW

(Java version of Agent.BHW)

 

I have searched the web for Agent.BHW and found very little

on this but the MALtiverse website did have info which suggests

that it may be a nasty thing; see:

 

 

So, Jon or any of the other SPSS Co folks (former or current),

is this a real problem or a mis-identification?

 

BTW, I'm running on a Win 10 machine if that  matters and

I got the copy through NYU's connection to onthehub.com

(which means it should be legit)?

 

-Mike Palij

New York University

 

 

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


 

--

Jon K Peck
[hidden email]

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD
Reply | Threaded
Open this post in threaded view
|

Re: Is There Malware in SPSS ver 24

Jon Peck
All of the extensions are shipped in source code form (except that little java one for configuring the R path), so they can't have a concealed virus and can, of course, be inspected by any user.

On Tue, Jul 10, 2018 at 10:16 AM Timothy Hennigar <[hidden email]> wrote:

What about installing the extensions? All these from the HUB are also verified virus free?

 

 

 

Thanks!

 

*********************************

Notice: This e-mail and any attachments may contain confidential and privileged information.  If you are not the intended recipient, please notify the sender immediately by return e-mail, do not use the information, delete this e-mail and destroy any copies.  Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.  Email transmissions cannot be guaranteed to be secure or error free. The sender therefore does not accept any liability for errors or omissions in the contents of this message that arise as a result of email transmissions.

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Jon Peck
Sent: Tuesday, July 10, 2018 12:14 PM
To: [hidden email]
Subject: Re: Is There Malware in SPSS ver 24

 

Let's be clear.  The SPSSClientUI.jar file in V24 as shipped by IBM consists of 6771 files, but Agent.BHW is NOT one of them.  So this file must have been inserted in Mike's jar file after installation.  You can open this jar file in WinZip, IZArc, or equivalents and see for yourself.  It is unlikely that onthehub is distributing a contaminated version, but installing Statistics on a known noncontaminated system and looking at this file would be definitive.

 

Official builds of SPSS Statistics and other IBM products are done on secure systems that are regularly checked for malware, and shipped product versions are also checked before they go into distribution.

 

Quoting from a website on this trojan...

 

How did Win32:Agent-BHW get on my Computer?

Like other trojans, Win32:Agent-BHW gains entry through source programs carrying a trojan payload that you unknowingly install. Common sources of such programs are:

·         Malicious websites designed specifically to inject Trojans

·         Legitimate websites infected with Trojans

·         Email attachments

·         Fake updates presented for installed software

·         Peer-to-peer sharing software

·         Malicious video players and codecs

·         Free downloadable games

·         Chat software

·         IRC channels

·         Social media links pointing to infected files or websites

 

 

On Tue, Jul 10, 2018 at 8:16 AM Michael Palij <[hidden email]> wrote:

Steve,

 

A few things to keep in mind:

 

(1)  The file in question (Java version of Agent.BHW) needs additional documentation

as to what it actually does (both good and bad).  I found it after using SPSS v24

for a year during which I did not see any problems.  However, the file may not have

been intended to muck up a system but to collect various pieces of info (e.g., logins

and passwords for websites, etc.). I'm familiar with all of the different types of

malware but I think certain Advert presentation progs are considered malware

because it collects user's info without the user's knowledge.  For SPSS, especially

public computers, perhaps someone does want to know what files it is accessing

and where (if that is what Agent.BHW does) though this may be the system admin

and not the end user who might not want such info to be shared.  This raises the

question of what Agent.BHW is supposed to do.  Since it seems to be in the User

Interface for SPSS Statistics, it would seem that plays some basic role.  But what

is it.

 

(2)  Examining sources on the Web I have come to two conclusions:

 

(a)  not all anti-virus/security software detect all malware -- apparently F-prot

and Cygen detect Agent.BHW (I used Iollo's System Mechanic) but other progs do

not.  Is this because it is considered not to be malware by the software or does

it hides itself better from other software?

 

(b)  The webpage by MALtiverse suggests that Agent.BHW is pretty nasty

but (a) does not provide much info on this, and (b) it seems really difficult

to find info on the nastiness elsewhere.  I thought that there should be some

info on Wikipedia but the closest I came was an entry on Agent.AFW; see:

 

 

It is unclear if Agent.BHW is a variant of Agent.AWF (Wiki explains the

nastiness one can expect with Agent.AWF across versions of Windows;

System Mechanic identifies Agent.BHW as being a Trojan prog which

puts it in the same "class" of malware as Agent.AWF) or a completely

different animal.

 

I'm a little surprised at how little info there seems to be about Agent.BHW

(Agent.AWF appears to be old, obsolete software; is Agent.BHW the

next/later generation?) either as a utility or as malware.  It may be in

limited use and/or it is a form of proprietary software that the owners

don't want to advertise. It would be helpful who is knowledgeable about

Agent.BHW chimed in about it.  In the meantime "Don't Panic!" ;-)

 

-Mike Palij

New York University

 

 

 

 

 

 

On Tue, Jul 10, 2018 at 9:40 AM, Salbod, Mr. Stephen <[hidden email]> wrote:

Dear Michael, Thanks for the heads up. I recommend onthehub to students. It would be nice to know the source of the malware you detected. –Steve

 

From: SPSSX(r) Discussion <[hidden email]> On Behalf Of Michael Palij
Sent: Monday, July 09, 2018 8:18 PM
To: [hidden email]
Subject: Is There Malware in SPSS ver 24

 

So I was doing my yearly computer systems scan today

and out of 5 million or so files that were examined only

one turn out to have a problem.  The file was

 

c:\PROGRAM\IBM\SPSS\STATISTICS\24\SPSSCLIENTUI.JAR

 

and System Mechanic Pro found the follow Trojan program

 

Java/Agent.BHW

(Java version of Agent.BHW)

 

I have searched the web for Agent.BHW and found very little

on this but the MALtiverse website did have info which suggests

that it may be a nasty thing; see:

 

 

So, Jon or any of the other SPSS Co folks (former or current),

is this a real problem or a mis-identification?

 

BTW, I'm running on a Win 10 machine if that  matters and

I got the copy through NYU's connection to onthehub.com

(which means it should be legit)?

 

-Mike Palij

New York University

 

 

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD

 

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD


 

--

Jon K Peck
[hidden email]

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD



--
Jon K Peck
[hidden email]

===================== To manage your subscription to SPSSX-L, send a message to [hidden email] (not to SPSSX-L), with no body text except the command. To leave the list, send the command SIGNOFF SPSSX-L For a list of commands to manage subscriptions, send the command INFO REFCARD