The user is installing antivirus software in response to the belief that the machine is already compromised. In other words, endpoint security software must assume, much like software exposed to the public Internet, that it is being installed into an aggressively hostile environment. Any assumption that the operating system is free of successful compromises would make the endpoint antivirus software itself a juicy target. At the very least, assuming a safe environment might lead makers of security software to believe that they need not take the care with their own security posture that the real-world situation in fact demands.
The foregoing leads us to two axioms:
Assume active attackers may be on the machine even at installation time.
Assume that attackers will poke and prod at every component, every input, every line of communication.