Sorry, but I’m afraid you are wrong - and you generalize a bit too much.
You wrote: “And the same malware which Avast blocked through Network Shield may not be detected by the FileShield if it comes through other channels like pendrive.”

If you really tried that, instead of assuming, you might have found out that the malware actually would be e.g. Autosandboxed if started from a pendrive. (Not sure if in 100% of the cases, but still.)

The thing is that there’s already quite a lot of “context-based” stuff in the detections - so when you start something from your disk, avast! behavior might be different from when you start the same file from a pendrive. If you copied a file on your disk from some other disk (and then executed it), avast! behavior behavior might be different from when you downloaded the same file from web (and then executed it), possibly even depending on where did you downloaded it from - etc.

It’s all not that simple as you imagine :slight_smile:
(Besides, if we know that a particular domain is blocked, not including the samples from that domain might even be an optimization to prevent blowing the virus definitions too much and consuming more CPU and memory - if that specific malware doesn’t normally spread via other channels; I’m not saying it’s really done that way, but the protection is expected to be used fully, the detections are certainly not prepared with the expectation that somebody disables some of the shields, for example).