Interesting, however it still begs the question where does it check there untrusted/revoked certificates mentioned in your quote ?
If you mean who are to check these untrusted/revoked certificates, it's browser. You can see Firefox/Chrome warns about bad certificate accessing here:
https://badssl.com/If MITM method was used, browsers (sometimes WebShield itself) also warns invalid certificate as WebShield checks it is valid or not and transmit the results via how Avast signs it.
Also, why would the certificates be present in the (extract) list, image extract I posted in Reply #1
Avast certificate is used(reserved) for MITM as fallback method when these "new" method does not work somehow. I got that before.
it happens that MITM must be enabled on certain systems or certain browser versions. It is designed in a way, that if other methods fail, we use MITM even on Firefox/Chrome. For this reason we also provide the browser cert store with our root certificate, so that in case of this "fallback" everything still runs smoothly.
So, there should be the certificate on Firefox/Chrome store, if things not changed since above.