Combofix Virus for Symantec

I checked Combofix.exe with Norton Internet Security 2009 and this is the summary of the scan.
NIS 2009 has found 2 viruses on Combofix.exe
I did not delete.

Statistiche scansione:
Durata scansione: 9 secondi
Opzioni di scansione:
Destinazioni scansione: D:\ZipFiles\AntiSpyware\Combo Fix\ComboFix.exe
Totali:
Totale elementi sottoposti a scansione: 120
- File e directory: 120
- Voci del Registro di sistema: 0
- Processi ed elementi di avvio: 0
- Elementi di rete e browser: 0
- Altro: 0
- File attendibili: 0
- File ignorati: 0
Totale rischi per la sicurezza rilevati: 2
Totale elementi risolti: 0
Totale elementi che richiedono attenzione: 2
Minacce risolte:
Minacce non risolte:
Rischi nel file compresso "ComboFix.exe"
Tipo: Compresso
Rischio: Alto (Alto Stealth, Alto Rimozione, Alto Prestazioni, Alto Privacy)
Categorie: Virus euristico
Stato: Non eseguito
File 2
d:\zipfiles\antispyware\combo fix\combofix.exe - Nessuna azione intrapresa

English version:
Crawl stats:
Scan duration: 9 seconds
Scan Options:
Scan destinations: D: \ ZipFiles \ AntiSpyware \ Combo Fix \ ComboFix.exe
Totals:
Total elements crawled: 120
- Files and Directories: 120
- Items in the registry: 0
- Processes and startup items: 0
- Elements of the network and browser: 0
- Others: 0
- File reliable: 0
- File skipped: 0
Total security risks detected: 2
Total items resolved: 0
Total items that require attention: 2
Resolved Threats:
Threats are not resolved:
Risks in the compressed file "ComboFix.exe"
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus heuristic
Status: Not done
File 2
d: \ zipfiles \ antispyware \ combo fix \ combofix.exe - No action taken

Edited by rigel, 09 February 2009 - 07:52 PM.

Norton's is picking ComboFix up as a false positive. The are several anti-virus products that pick ComboFix due to it make-up and characteristics.

Many thanks
Hiro Joda

Certain embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus/anti-malware scanners as a "RiskTool", "Hacking tool", "Potentially unwanted program", or even "malware (virus/trojan)" when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, registry fixes and malware strings it contains.

Such programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. When flagged by an anti-virus, it's because the program includes some features or additional files that can potentially be used for malicious purposes. These detections do not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In these cases the detection is a "False Positive".

You should not be using Combofix unless instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.