In the Firefox section in the immunization window, all four entries are there two times. I think this is not normal. Any solutions?

How many FireFox profiles do you have? If you have 2 or more. Its normal I would think?

Only 1, otherwise I would not have asked the question ;)

I think the Firefox immunization files are stored in hostperm.1, so I searched for that file on all drives and there was only 1.

Could you provide a screenshot?
Maybe more details of what exactly is shown twice (are they both named "default (Cookies)" etc.)?
If you deselect all but one of these, then click the "Check again" button, does the other one appear as immunized as well (means: do changes to one automatically reflect to the other)?

I don't run Firefox, however after the 2007-08-29 updates during the Internet Explorer immunization process it appears as if attempts are made to immunize the following four (4) restricted zone by domain entries twice:
"get-spybot.com"
"softwarereferral.com"
"www.get-spybot.com"
"www.softwarereferral.com"

Could you provide a screenshot?
Maybe more details of what exactly is shown twice (are they both named "default (Cookies)" etc.)?
If you deselect all but one of these, then click the "Check again" button, does the other one appear as immunized as well (means: do changes to one automatically reflect to the other)?

Here is a screenshot:

http://i2.tinypic.com/4ueksub.jpg

If I undo the first entry, the second entry is still immunized and vice versa, so changes in the one don't reflect to the other.

When I rename hostperm.1 to hostperm.1.bak in my firefox profile directory, spybot shows that 4 of the 8 entries are unprotected. I am really curious where spybot sees the other firefox as there is only 1 hostperm.1 file on my computer.

You could use BrowserCI (http://forums.spybot.info/showthread.php?t=17548), which is our browser support test tool. It'll help you identify which profiles are identified exactly.

Might there for example be another user of your computer, who has started Firefox once, but has not really used Firefox? I'm not sure that's the reason for a second "default" profile, since immunization would have created a hostperm.1 there as well and you spoke about only one found. But from the content shown for both profiles, you might have a further lead.

Problem solved! For some bizarre reason, there was a firefox profile in the networkservice account. The search function apparently doesn't look there, but with a "dir hostperm*.* /s" at the command line it showed up.