I have SpyBot 1.4 with the latest updates 2006-12-01

I just did a span and found the following which SpyBot identified as Smitfraud-C

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Shared\Access\Parameters\FirewallPolicy\StandardProfile\Authorized\Applications\List\C:\Windows\scvhost.exe

Is this a FP? I'm asking because no other software seems to spot it
(CounterSpy, AVG, Kaspersky)

Thanks.

hello ,

it is not a false positive, your computer is infected.

the correct path and name for the legit file is c:\windows\system32\svchost.exe

observe the letters carefully , this is often done to make the trjoans look like legit files.

this infection enables Smitfraud-C. to pass your Windowsfirewall

You guys are the greatest!

:) If you would like someone to take a look at logs and assist you in the removal of any malware that might be present on the System, please follow the procedure in this link:
"BEFORE you POST" -Preliminary Steps and scanning with SPYBOT-S&D (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22)

Cheers.