Resident Provider Modules

Is there someplace where the responsibilities of each provider module is stated?

Resident Protection Providers

avast! resident protection is based on so-called resident providers - special modules protecting various parts of your computer, e.g. file system or e-mail.

Standard Shield. It checks the applications being run and documents being opened. It will not allow an infected application to start or an infected document to be opened, thus possibly protecting you from activating/spreading a virus.

Outlook/Exchange. It checks incoming and outgoing e-mail messages processed by MS Outlook client (it is part of the MS Office package - it is not the same as the simpler Outlook Express!) or MS Exchange. It will refuse to accept or send a message containing a viral code.

Internet Mail. It checks incoming and outgoing e-mail messages processed by clients other than MS Outlook or Exchange, such as Outlook Express, Eudora etc. Again, it will refuse to accept or send a message containing a viral code.

Script blocking. It checks scripts contained in the web pages you look at, thus avoiding infection due to potential bugs in your web browser.

Instant Messaging. It checks the files downloaded by common communication programs, such as ICQ or MSN Messenger.

P2P Shield. It checks the files downloaded by common P2P (file sharing) programs, such as Kazaa and others.

Network Shield. It protects the computer from the attacks of Internet worms (e.g. Blaster, Sasser, etc.)

Web Shield. It protects the computer from viruses during the common work with Internet (browsing, downloading files, etc.). It can also block access to specific web pages.

I take this information from a secret help file ;D
Welcome to avast forums :slight_smile:

Help file. Start avast! antivirus from rt click dropdown menu, hit F1.

So Web Shield does not catch worms only? Because the Network Shield is dedicated to that?

And for Instant Messaging, normal chatting is not checked, just if a file is sent?

Web Shield analyses all traffic passing thru a HTTP connection (between your browser and an Internet server). This includes scripts embedded in HTML pages. Vlk wrote in Wilders forum: The thing is, a HUGE number of today’s malware takes advantage of various exploits in web browsers (most notably, IE). The same applies to nuisance like dialers, spyware etc. In such a case, howevers, scanning of network streams (http streams in case of Web Scan-ners - i.e. avast’s WebShield or Nod’s IMON) is the only way to prevent the infection. The filesystem based scanner will simply act too late….

Network Shield is a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious contents. It can be also taken as a lightweight firewall (or more precisely, an IDS (Intrusion Detection System).
Network Shield protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don’t infect files but instead they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield. Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.

Well, I’m not sure about this…