LOL - we don't know yet!
Here's the response from Symantec, SEVERAL days AFTER the fact. But a submission to virus total generates totally MIXED results! Some say safe, some say not safe, some say "you may not want this file".
Here is what Symantec says................ Not the "now building definitions" but the file was submitted LAST WEEK.............Wednesday, the response can yesterday, Monday. I'm betting Symantec is SO FAR BEHIND, their techs just can't keep up with submissions!! But sorry, Symantec, nearly a WEEK is WAAAAAY too long to wait for results, and WAAAAY too long to wait for new defs if they are needed.
This should all be same-day, should it not? Or is there another logical explanation?
OTOH, we really still do not know what the file really is!!!!! IS it REALLY a tech support file from HP or some other source, or is it a hack tool of some sort........... enquiring minds want to know...................
===================================================================
Dear xxx xxxxxxx,
We have analyzed your submission. The following is a report of our findings for each file you have submitted:
filename: hideitx.exe
machine: Machine
result: This file is detected as Hacktool.HideWindow. http://www.symantec.com/avcenter/venc/data/hacktool.hidewindow.html
Customer notes:
Found by SEP during a scan started by defs update apparently not sure what triggered it however its in an HP remote support folder and MAY BE MAY BE a false alert or a real threat in the HP program files folder
Developer notes:
hideitx.exe is a non-repairable threat.
Symantec is now building a new set of definitions to include the threat you have submitted. The approximate time to complete this process is one hour. We recommend checking the ftp site periodically over the next 60 to 90 minutes to download these definitions as soon as they are available.
Downloading and Installing RapidRelease Definition Instructions:
1. Open your Web browser. If you are using a dial-up connection, connect to any Web site, such as: http://securityresponse.symantec.com/
2. Click this link to the ftp site, then download the appropriate file to update your product: ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/rapidrelease/sequence
If it does not go to the site (this could take a minute or so if you have a slow connection), copy and paste the address into the address bar of your Web browser and then press Enter.
3. Open the folder named with the same or higher sequence number listed below.
4. Download the appropriate file to update your product.
To identify the correct definition file format for your product, please review the information here:
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr
5. When a download dialog box appears, save the file to the Windows desktop. Either, double-click the downloaded file and follow the prompts or refer to your product documentation.
Virus definition detail:
Sequence Number: 102324 (or higher)