Threat Assessment Chart

Threat Assessment Chart - TAC

All items detected by Ad-Aware are qualified using a Threat Assessment Chart (TAC) prior to inclusion. The system is based on a total of 10 points, 1 being the least and 10 being the most threatening and/or problematic. Behavior and intent weigh more heavily towards becoming a legitimate detection than do the technical aspects. Please note that applications that are difficult to remove and cause system instability due to poor coding and DO NOT contain any further violations as described below ARE NOT considered for inclusion in the Ad-Aware database.

Information about the items Ad-Aware detects can be found in the TAC database.
Search the TAC database*

* You must be connected to the Internet to access this link

Here are the criteria we use to determine if something should be added to our database:

Removal
Given one point.

Determining factors:

Provides no uninstaller at all or non-functional application uninstaller.

Lacks clear evidence of intention. In other words, there is no available evidence to suspect the application's developer of intentionally making his/her software difficult to uninstall other than having a poorly coded or buggy uninstaller.

Integration
Can cause system instability and is worth two points.

Determining factors:

This category refers to the effect a given database candidate has on a user's system.

Distribution
Unsolicited Install and is given two points

Determining factors:

Intentionally hidden (stealth) install and/or clear evidence of Intention. The application is designed with the clear intention of either making it difficult or impossible to remove using normal removal procedures.

Bundled install that is undisclosed. This is different from the previous determining factor, but there was no notice given to the user pre-install and/or the host application's EULA (End User License Agreement) attempts to hide the application's inclusion as a condition of the host application's install and/or use.

Program does not disclose info in EULA, has a confusing EULA, or a hidden EULA listing what is done with collected information.

Behavior
Malware is given three points automatically regardless of the stated behaviors listed below. All other intentional behaviors are given three points.

Determining factors:

Virus / Trojan Horse.

Connects to perform or aid in a DDoS (Dedicated Denial of Service) attack.

Program masks as doing one thing, but does another.

Use or creation of Tracking Cookies.

Changes browsing results (browser hijack/redirect, replace text/graphics, opens random websites).

Operates in stealth (Runs hidden from the user).

Opens web sites not initiated by the user/unsolicited Popups and/or requests to join a different site.

Auto-updates without user permission and/or knowledge.

Dials an unprompted or unauthorized Internet connection.

Opens or Exploits a System Vulnerability.

Privacy
Privacy Violations are worth two points.

Determining factors:

Connects to a remote system with or without the user's awareness to transmit usage statistics and/or personally identifiable information.

Connects to a remote system without the user's awareness to transmit/receive information.

Tracks the user's surfing habits.

v 1.06