Eli5: How do unwanted programs prevent themselves from being uninstalled?

203 views

Eli5: How do unwanted programs prevent themselves from being uninstalled?

In: 8

3 Answers

Anonymous 0 Comments

Historically desktop operating systems relied entirely on cooperation from applications to install themselves in the proper places and uninstall themselves cleanly. Applications could just ignore requests to uninstall, and install themselves in system directories where they would be hard to find.

Over time, operating systems have gotten better about distrusting software like this, but there are still plenty of places for applications to stash instructions that the OS will follow that ensures the application comes back if it’s removed. These could include things like OS kernel extensions or drivers, or just a small startup script written to the right place.

More sophisticated malware may write these instructions to places hard to find, like the firmware of a device. Even more sophisticated malware can even deceive the operating system into not seeing its files. So you might browse your hard drive, but you’re seeing a filtered view of your hard drive rendering the malware invisible. You can’t remove something that you can’t see.

It’s basically a cat and mouse game, as devices and defenses get more complex, malware authors are finding increasingly clever ways of getting around those defenses.

You are viewing 1 out of 3 answers, click here to view all answers.