TAI Analysis Criteria

When analyzing a potential threat, we use 5 specific criteria: behavior, privacy, distribution, removal, and integration. The threat is then assigned points according to its characteristics when attempting to infiltrate your computer. The points are tallied and rounded to the nearest whole number to determine the threat's TA index level. Learn more about the analysis process and the analysis criteria below.

Automatic High

All criteria in this section represent extreme risk; if the threat matches even one of the criteria, it receives an automatic TA rating of 10.

Behavior

  • Connects to perform or aid in a DoS (Denial of Service) attack
  • Dials an unprompted or unauthorized Internet connection
  • Opens or exploits system vulnerability
  • Alters, hooks, or damages the Windows login
  • Performs any counter actions designed to deactivate or damage the Operating System, security or privacy applications, and/or Operating System security policies/features
  • Drops additional virus, key logging, Trojan, or dialer applications / components
  • Maliciously alters Hosts file
  • Intentionally causes other software to malfunction or change designed behavior
  • Virus / Trojan

Privacy

  • Logs and/or transmits key strokes
  • Transmits physical address, telephone numbers, credit card information, or banking information without the user's explicit permission

Distribution

  • Application is installed automatically via dropper
  • Application is installed via system or software exploit
  • Application is distributed through deceptive and/or illegal means to trick the user into installing

Removal

  • Uninstaller functions deceptively by stealthily uninstalling then reinstalling content
  • Installs so that removal can cause damage to the operating system
  • Manual removal is actively prevented

High

Threats matching these criteria receive 1.8 points for each incident.

Behavior

  • Performs automatic updating by deceptive means (Example: undisclosed trickler)
  • Program masks as doing one thing, but does another
  • Changes browsing results (Examples: hijacks browser, redirects browser, replaces text or graphics)
  • Operates in stealth
  • Alters your files for advertising
  • Drops additional advertising applications/components
  • Adds an auto-start feature that is not disclosed to the user, cannot be disabled, and is forcefully re-introduced if removed
  • Mines third party application profiles and/or database information without your consent

Privacy

  • Transmits usage information to remote systems without your consent and/or knowledge
  • Tracks your surfing habits using personally identifiable information, without the user's consent and/or knowledge
  • Transmits information not related to the software (personal information or information related to third party software) without your consent and/or knowledge

Distribution

  • Intentionally hides installation and/or clear evidence of intention
  • Bundles with third party software; installation is not disclosed
  • Attempts to hide or disguise license terms

Removal

  • Installs into system folders in stealth, or by using random file names
  • Does not uninstall with the host application
  • Installs to all user accounts regardless of consent

Integration

  • Runs even when the host application is closed and presents ads when you are not online
  • Causes unrestricted pop-ups that require the system to be turned off or the internet connection to be severed to stop

Medium

Threats matching these criteria receive 0.8 of a point for each incident.

Behavior

  • Performs automatic updating without your knowledge
  • Displays ads without your consent
  • Displays advertisements that do not clearly and/or transparently display origin
  • Adds an auto-start feature that is not disclosed and cannot be disabled
  • Opens web sites without your initiation
  • Injects links from third party sites into browser favorites, registry, or onto the desktop
  • Allows third party advertising that does not originate from within the system

Privacy

  • Collects personal information to build a local profile that can easily be compromised
  • Tracks your surfing habits, using anonymous information
  • Transmits system information without your consent or knowledge
  • Privacy policy does not adequately disclose and/or detail information collection
  • Privacy policy is not disclosed prior to installation

Distribution

  • Bundles with third party applications and is undisclosed prior to installation
  • License terms are intentionally difficult to read
  • No existing license terms

Removal

  • Uninstaller is only available by contacting the vendor
  • Does not provide a functional uninstaller

Integration

  • Drains system resources to such a degree that computer becomes unstable
  • Runs even when the host application is closed (but does not present advertising when the user is not online)

Low

Threats matching these criteria receive 0.3 of a point for each incident.

Behavior

  • Performs automatic updating that is not possible to disable
  • Displays advertising content with your consent
  • Adds an auto-start feature that is disclosed to you, but cannot be disabled
  • Serves no discernable function, except as a vehicle for the distribution of advertising content

Privacy

  • Transmits system information with your consent and/or knowledge
  • Transmits usage statistics with your consent. Includes (but is not limited to) information related to the software's usage and status, and to third party software. Includes information not related to the software (such as personal information).
  • No privacy policy is available or is difficult to read, but application does not raise any further privacy related issues

Distribution

  • Bundles with third party software and presence is disclosed prior to installation
  • License terms are included but are unintentionally difficult to read

Removal

  • Uninstaller is unintentionally difficult to locate and/or is mislabelled
  • Number of uninstallers does not match the number of installers

Integration

  • Causes noticeable unnecessary load on the computer or bandwidth
  • Presents an unfixed number of advertisements per day (but only when online)
  • Installs multiple times, to different folders with different host applications, in the same user account