Avast Threat Lab - Clean guidelines

Avast Antivirus protects your PC by detecting and blocking malicious threats. To accurately determine whether a software program contains malicious content, we use a set of guidelines which outline what we consider to be malicious and potentially unwanted behavior.

Advertising

Must have:

  1. Landing page
    • Clearly identify the product vendor, describe the software functionality, and provide cost information if applicable.
    • Include a list of all bundled software, third party components/dependencies (for example, monetization engines), plugins or widgets.
    • Visibly link to product’s EULA and Privacy Policy.
    • Indicate if the software is ad supported, if applicable.
    • Present information in line with industry standards for readability (for example, no green font on a greenish background, and no tiny letters).
  2. Disclosure and consent
    • All app promoting pages must clearly identify the vendor.

Prohibited:

  1. Misleading ads
    • All forms of threatening messages.
    • All forms of deceptive behavior (for example, missing codecs, plugins, vulnerable/infected machine, when unnecessary).
    • All forms of impersonation of system messages (for example, impersonating the Windows user interface, MSFT/Windows logo, and so on), other brands (such as Chrome, Flash, anti-malware, and so on) or web components (for example, download buttons).
    • Displaying multiple “call to actions” with different wording but leading to the same or a similar action.
    • Advertising a free product for a cost.
  2. Download
    • Auto or direct download from ads is strictly prohibited.
  3. Disclosure and consent
    • Starting the app download or installation process without proper disclosure and user consent is strictly prohibited.

Installation Process

Recommended:

  1. Signing software
    • Every executable file should contain a vendor identifier. No specific format is required, but Version Info is preferred. Alternatively, a plaintext description in a custom section is also sufficient.
    • Availability of a digital signature is preferred.
    • If the file is packed, it should have a Taggant.

Must have:

  1. Bundling software
    • All included programs should be legitimate in nature and contain a clear, positive value to the installing user.
    • Each program must be offered on its own offer/install screen with clear information about its functionality, behavior, cost (if applicable) and purpose.
    • Each offer screen must have a clearly labeled skip/decline button or opt-in/opt-out checkbox enabling the user to decline the offer.
    • Each offer screen must have the same wording, “Call to Action” buttons, navigation style and button placement throughout the installation process.
    • Any software that includes third party components or software therein must provide appropriate disclosure to end users.
  2. User consent, control and transparency
    • All disclosure and consent clauses must be unavoidable to end users, must meet industry standards for readability a must be presented in a language that an ordinary end user comprehends.
    • User consent must be obtained before download/installation of any software.
    • Installer will install only software which user provided their consent to install.
    • User must be able to stop the installation at any point.
    • Any data acquisition shall be made under the end user’s consent.
    • Each setup screen must include exit functionality.
    • App installation must not be affected by any user decisions on the offers.
    • App must disclose to user name of product, identify developer name or brand name as the providing entity, how to contact such entity.
    • Software’s EULA must disclose to user if and how app may affect any other programs on user PC and settings.
    • It must be clear in which stage the installation currently is and show progress during longer stages (i.e. while copying/downloading files).
  3. Misleading behavior
    • All app’s functionalities must correlate with the description mentioned in the installation screens.
  4. Update
    • Software updater can only update main application (must not install any additional software without user consent).

Prohibited:

  1. Bundling software
    • Software without offer screens.
    • Any form of promoting exaggerated or false claims about user system (health, registry, files, etc...).
  2. User consent, control, and transparency
    • Sell or otherwise share user personal identifying information to 3rd parties without user explicit consent.
    • Any software must have its own privacy policy to describe its data collection, usage and sharing practices.
    • Software must not bypass/hack system or other apps security and consent features (browser hijack, disable notification...).
    • Software must not operate, access any content or cause use of user’s pc without prior informed consent (i.e. operate BitCoin miners).
    • Software must not redirect/block/modify searches, queries, user-entered URLs etc. without user consent.
    • Software must not access any other site that doesn’t directly relate to consented software functionality.
    • Any type of installation which does not require the End Users’ informed consent is expressly prohibited.
  3. Misleading behavior
    • The installer must not mislead a user to take action he has previously declined.
    • Revenue modules must not engage with fictional installations of the product or the revenue model.
    • The software must not display exaggerated, misleading, or inaccurate claims about the health, files, registry or other items of the system of the user.
    • The installer must not initiate the installation of an app based on false, misleading, fraudulent representation.
    • The software must not falsely claim to be a program from another brand (such as Avast, Microsoft, Google, Adobe, and so on).
  4. Interfering
    • Software must not engage with interfering, replacing, uninstalling or disabling any third party content, application, browser functionality and/or settings, websites, widget, the operating system or any part thereof without user consent.
    • Software must not engage in any fraud activity.
    • Software must not interfere with browser default search/search pages without the user’s consent.

Program functionality

Must have:

  1. Transparency and attribution
    • Ads must include clear attribution to the providing application.
    • Ads must be clearly labeled and identified as ads.
    • When injecting data into external content (such as websites or search results), monetization services must be clearly labeled and distinguishable from any platform (such as a website) it appears on.
    • Ads must provide a link to an “Ad Info” webpage with the following prominent notices and information:
      • A short explanation about why the ad was displayed.
      • Links to the advertiser’s full and clear description of the revenue module.
      • Links to the product’s terms of service and privacy policy.

Prohibited:

  1. Transparency and attribution
    • A program must not fail to clearly indicate when the program is active, and must not attempt to hide or disguise its presence.
  2. Program behavior
    • Software must not include monetization services that are Pop-Ups, Pop-Unders, Expanding banners, and so on.
    • Software must not use the end user’s device for purposes that are unwarranted and unexpected by the end user.
    • Software must not decrease a PC's reliability and/or cause a poor end user experience.

Uninstallation process

Must:

  • Completely remove all components of the software and/or related monetization modules, leaving no remains on the users PC.
  • Function properly in an equivelant manner to the installation process.
  • Include a corresponding “Add/Remove” entry in the Windows Control Panel or equivalent on different platforms, and the user must be able to completely uninstall the software.
  • Show the same software name as shown during the installation process and during operation of the app and/or monetization module. Likewise, the same software name must be visible in the Add/Remove section of the Windows Control Panel.
  • Provide an easy way to close the software and/or ads attributed to it.

Privacy Policy and EULA

Must have:

  1. Privacy Policy
    • The app and/or monetization service’s privacy policy must comply with applicable privacy and data collection and protection laws, and provide a clear and comprehensive description of the advertiser’s data collection practices.
    • The Privacy Policy must specify:
      • Whether the software uses cookies or other means of collecting user data.
      • Whether the software accesses, collects, uses, or discloses users' PII.
      • What types of user data is accessed, collected, used, or disclosed, as well as what means it uses to do so and what is done with the collected data.
      • How a user can opt out of PII collection and stop the app and/or monetization service from collecting PII data about them. Users must be able to achieve this in a straightforward way, and app and/or monetization service must comply with the users’ request immediately.
  2. EULA
    • The app and/or monetization service must comply with applicable laws and have an EULA that is easy to access during the installation process and from the app’s website.
    • The vendor and product must comply with the EULA as accepted by the user during installation.
    • The app and/or monetization service should be clearly described in the EULA, any changes to the EULA require updated user consent.

Prohibited:

  1. Privacy Policy
    • The app and/or monetization service must not sell or otherwise share with third parties personally identifying information without the user’s specific consent in advance.
    • The app and/or monetization service must not mislead users about the origin of cookies and/or other means of data collection, or cause a user to falsely believe it is associated with another app.
  • All available Avast antivirus software
  • All supported operating systems

Need additional help?

Contact us
Avast Total Care

Your premium tech support for PCs, printers & more

Call now for a free consultation and subscribe! 1-844-340-9251
devices Get help for all your device problems 24x7
1-844-340-9251