because it is so trigger happy about the startup folder; in fact that is all I use it for. The reason, is that Zeus and its variants, inject into the startup folder upon reboot, shutdown, or log off - so it can survive to the next session - unless you happen to run CCleaner before hand, and then you might not ever need to worry about it. The only problem is that it is subject to malware manipulation, even on limited privilege accounts. I don't have a problem with that, because you can recognize the side affects of this attack. As long as the user is aware of what is going on in the "systray" (or similar), you can become aware of this condition and prepare for cleaning or scanning to rid the PC of the malevolent software.
I still like SAS's crazy fast scanner - it is one of the best in the industry. That is also the only reason I use it, because it really doesn't offer anything to the limited account environment - unless you want to run it as administrator(Vista/Win7) all the time, which I still consider a bad practice - for now.
Keep Up with TechRepublic