I currently run Spybot 1.6.2 w/ TeaTimer enabled on a Windows 2000 system I use for testing.
My Windows 2000 installation recently (and INTENTIONALLY) got infected with "AntiVirus Soft" and was able to get it removed with Malwarebytes.
Before running Malwarebytes, I ran a Spybot scan and it detected "Fake.Sysguard". It removed the registry entry and subsequent Spybot scans were clean.
In the TeaTimer log, I see where the malware added its registry entries without problem.
My question: if Spybot was able to detect this malware as "Fake.Sysguard", why didn't TeaTimer block it from updating the registry?
Thanks!
Peace...