Why do some programs say to "disable anti-virus" before installing, and should I turn it on again after?

Helping people with computers... one answer at a time.

Ask Leo! » Viruses and Malware » Malware Detection

It's not uncommon for setup programs to recommend disabling anti-virus programs first. We'll look at why. But do turn it back on when you're done.

I recently purchased a new software package. I was told to disable my anti-virus software before I install the software. Why? What also has me concerned is that it does not say I can turn it back on after installation. What do you feel I should do?

•

Turn it back on.

There. For those with really short attention spans I wanted to get that incredibly important tidbit out there before you move on.

Now, as to why you had to turn it off in the first place, that requires just a little explanation.

•

Anti-virus programs as well as anti-spyware programs, which I'll collectively refer to as anti-malware programs work, essentially, two different ways:

The tools scan for known patterns of data on your hard disk, and if enabled, in the data that's arriving on your computer via the network or media such as CDs and USB keys. Those patterns are also called "signatures"; they're what a piece of malware "looks like".

The bottom line here is that if the scanner sees something that looks like a virus it can then take appropriate action.
The tools monitor for specific types of behavior that malware is known to perform. The simplest example is malware which overwrites your browser's home page in order to hijack it. Most malware scanners will monitor for any attempts to change your home page, and will often either alert you, or simply block the attempt.

In this case the bottom line is that if the scanner sees something that acts like a virus it can then take appropriate action.

Traditionally anti-virus programs most often work the first way, and anti-spyware tools work the second, however the line is most definitely blurring and it's safest to assume that all anti-malware tools may operate using both techniques as well as perhaps others.

Now, program installation is an interesting operation, for several reasons. When you run a setup program it may do many different things including:

"If your anti-malware program blocks or otherwise interferes with a program installation you may end up with a failed install."

writing program files into Windows folders
writing entries into the Windows registry
adding "auto-start" entries that launch programs whenever you boot your computer or login
starting, stopping or installing Windows services
deleting other files relating to the program being set up, typically older versions
... and much more

Here's the problem: all of those things are often exactly what malware does. And some anti-malware scanners aren't always 100% accurate at telling the difference.

If your anti-malware program blocks or otherwise interferes with a program installation you may end up with a failed install. Or worse, something that looks like a "successful" install that doesn't really work.

Hence almost all software installation programs now recommend that you turn off your anti-malware scanners before the install to avoid any of these "false positives" that might cause a problem with the installation.

And to be clear, whether they explicitly say it or not, they mean turn it off for the duration of the installation process. In other words, be sure to turn it back on when the installation is complete, or you'll be running unprotected from then on.

And that can lead to other problems.

Article C3339 - April 2, 2008 « »

Share this article with your friends:

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Ask Leo! - Viruses: How do I keep myself safe from Viruses?
Ask Leo! - Spyware: How do I remove and avoid spyware?
Ask Leo! - How do I keep my computer safe on the internet?

Recent Comments

14 Comments

Cesar
May 18, 2008 7:47 AM

U can't disconnect from the internet if U R downloading from a provider's internet page. If U R putting it onto your desktop, aren't U already at risk?

Mike
April 5, 2011 11:58 AM

For a long time, I used AVG for anti-virus protection. Then, one of their upgrades was buggy, so I uninstalled it and switched to Avira. However, it did not permit on/off switching. The only way to turn it off was to entirely uninstall the program. I tried a couple other A/V programs that had the same issue. Going back to (further upgraded) AVG, I saw they adopted the same feature; no way to selectively turn it off without uninstalling it. So I gave up on all of them. Fortunately, I've been using MSE with no problems and it's been highly recommended, as well. And I CAN turn it off if the need should ever arise.

Wolf
April 5, 2011 12:29 PM

I always install programs in Safe Mode. Saying this I will say that is the best way I have found to do a safe install, because even the installed program is not running in Safe Mode after it has been installed. Once installed, I restart and let the computer start up normally. Avast is then running along with MalWareBytes and Super AntiSpyware. Since I started doing it this way I have had several programs that would have not been caught if I had installed in Normal Mode. If I have no problems running the program, or none of my security programs popup anything on it I then install it on my other computers.

Also I scan the installer before I install it with Avast, MalWareBytes and SuperAntiSpyware. One hit and I check for a false/positive. If it is a legitimate hit, then I delete the installer and scan my system with all my scanners.

I am running Windows XP Home with no Service Packs or Microsoft updates. I st behind a hardware and software firewall and Avast scans websites before Firefox opens them. I do nightly scans with several system based programs and a weekly online scan from several online scanners like Panda and Karpursky(sp).

Russ
April 5, 2011 9:02 PM

As Mike mentioned, I too found that when I wanted to install a program the infamous 'turn your anti-virus off' message appears. I too, decided to not use avg and and a couple of others because you could never find an 'off' button. I am using mse also, one, because it comes highly recommended and its free, and two, its very user friendly and you can turn it off if needed. I have never installed in safe mode... Leo, any comments on our observations?

Wolf
April 6, 2011 2:06 PM

I have noticed a lot of companies have slim installers for installing the programs, these are really just links to the online installer. I suggest hunting for the full installer on the creators website and download it and then scan it and reboot to Safe Mode and install that way. Leo, what do you think of this?

See all 14 comments...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2013 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/why_do_some_programs_say_to_disable_antivirus_before_installing_and_should_i_turn_it_on_again_after.html