NIS found 'Suspicious.Cloud' in Spybot directory

Lancelot
2015-05-31, 00:23
Norton tells me it has eliminated a high risk threat. Norton's name for the threat is Suspicious.Cloud.AM (http://www.symantec.com/security_response/writeup.jsp?docid=2009-090107-2513-99).

Path including file name:
c:\programfiler\spybot - search & destroy\updates\sdinformv2b.exe

What is sdinformv2b.exe?

It may be a false positive, but it's not impossible that a Spybot file gets infected.

It is Spybot 1.6.2 and it was updated some days ago. Norton autoprotect detected the threat today. I did not run Spybot today and no Spybot files were supposed to be loaded into memory. I believe Norton autoprotect only scans things loaded into memory. This may indicate that it is not a false positive?

Zenobia
2015-05-31, 14:43
SDInformV2b.exe is a file that informs Spybot 1.6 users about the 2.x release, according to this:
http://www.isthisfilesafe.com/sha1/F706340D9A5B6E6A53D5206180FC7BC6118BF117_details.aspx

The Suspicious.Cloud.AM detection description says this:
Suspicious.Cloud.AM is a detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers.
So, that's a good idea, but it also would result in some false positives happening, and that is what I believe this is.
Over in technical details, there's a link to click for false positives, so you could report it to Symantec as a false positive. :)
http://www.symantec.com/security_response/writeup.jsp?docid=2009-090107-2513-99&tabid=2
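
The post above points at a published SHA-1 for SDInformV2b.exe as the way to tell a legitimate Spybot file from something else. The script below is an added example, not code from the thread or from Spybot or Symantec: it hashes a flagged file and compares the SHA-1 against that reference value (taken from the isthisfilesafe.com URL above), reporting "match" (same build, so a false-positive report to the vendor is the right step) or "mismatch" (a different build or a modified file, so it should be submitted for analysis rather than assumed clean). The function names, the verdict strings and the empty stand-in file it hashes are constructed for the example.

```python
import hashlib
import os
import tempfile

# Reference SHA-1 for SDInformV2b.exe, as published at the isthisfilesafe.com
# link quoted in the thread. Stored lowercase so comparisons are case-insensitive.
KNOWN_GOOD_SHA1 = "F706340D9A5B6E6A53D5206180FC7BC6118BF117".lower()


def hash_file(path, chunk_size=1 << 20):
    """Return lowercase hex SHA-1 and SHA-256 digests of a file.

    The file is streamed in chunks so large binaries do not have to fit in memory.
    """
    sha1 = hashlib.sha1()
    sha256 = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            sha1.update(chunk)
            sha256.update(chunk)
    return {"sha1": sha1.hexdigest(), "sha256": sha256.hexdigest()}


def triage(path, known_sha1=KNOWN_GOOD_SHA1):
    """Compare a flagged file against the published reference hash.

    Returns ("match" | "mismatch", digests). A match means the file is the same
    build the hash site describes, so the detection is a candidate false positive
    to report to the AV vendor; a mismatch means the file is an unknown build or
    has been altered and should be submitted for analysis, not assumed clean.
    Hypothetical helper written for this example.
    """
    digests = hash_file(path)
    verdict = "match" if digests["sha1"] == known_sha1.lower() else "mismatch"
    return verdict, digests


def demo_with_constructed_file():
    """Run triage on a constructed empty file standing in for the flagged binary.

    An empty file hashes to the well-known SHA-1 da39a3ee..., which does not equal
    the reference, so this demo yields "mismatch". The AV product in the thread
    deleted the real file before it could be hashed, so no genuine sample exists.
    """
    fd, path = tempfile.mkstemp(suffix=".exe")
    os.close(fd)
    try:
        return triage(path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    verdict, digests = demo_with_constructed_file()
    print("sha1   :", digests["sha1"])
    print("sha256 :", digests["sha256"])
    print("verdict:", verdict)
```

In practice this check has to run before the antivirus product removes the file, or against a copy taken from the vendor's own update package; once the file is gone without a quarantine entry, as happens later in this thread, there is nothing left to hash, which is exactly why Symantec's false-positive form asks for the sample.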

Lancelot
2015-05-31, 23:20
Thank you for the information.

NIS has deleted the file so I can't upload it to Symantec. There is no trace of it in the logs either, it's like it never happened. I expected to find it in the quarantine but it is empty.

NIS auto-protect popped up a 'high risk' warning but their website says the risk is 'very low'.

Zenobia
2015-06-02, 00:18
Huh, guess that does make it difficult; it says the upload of the file is required.
There is the Norton Community. Maybe you can report it there:
http://community.norton.com/en
You're welcome. :)