How do spyware detectors work?

krwell

Senior member
Feb 11, 2001
454
0
0
How do spyware detectors work? I'm interested in figuring out how they work. Anyone know?
 

DaveSimmons

Elite Member
Aug 12, 2001
40,730
670
126
Like virus detection programs. They have a large database of "signatures" that they look for.

For example, for tracking cookies, the cookie has to be readabe by the privacy-steal scum that arranged to have it planted, so the cookie will have some domain like "spy.DoubleScum.com". The detector sees that cookie and knows it's spyware.

There are also registry changes, DLL infections, and run-at-startup entries in the big database that are scanned for and reported.

It's a lot of work to keep adding to the database, so if you're using one of the free tools and it has helped you, you might consider donating a few dollars to pay back all the time they put in.