Welcome to Avast! The following provides a quick overview of how Avast protects your computer from threats.
The antivirus engine that protects your system uses a continuously updated threat database to identify known viruses. Specialized algorithms also identify suspicious behavior of files when Avast scans your computer. All threatening files are moved to the Virus Chest.
The Avast shields use a network proxy which scans all the network traffic on your system. IPv6 network connections are immediately closed. Most clients do not attempt to connect using IPv4 so threatening destination servers become inaccessible. To test how the shields work, we offer a harmless virus sample file. The EICAR file can be detected by Avast and most antivirus programs. You may need to temporarily disable the File shield to access the test file when testing Web and Mail shield.
See Shields for more information.
http://www.avast.com/eng/test-url-blocker.html to test the URL blocking capabilities of Web Shield or download the EICAR file and watch
Avast detect and block all the EICAR samples. When you have https scanning enabled, all samples on https should also be detected.
You can test the mail shield by doing the following:
The Mail shield and the Web shield allow exclusions. Connections to hosts on the exclusion list pass without being scanned.
Exclusions are IP-based and the proxy server converts host names into IP addresses. Servers with DNS load
balancing that directs every connection to a different IP address usually do not match the exclusion list IP address.
You can add the excluded host to the
/etc/hosts path with a specific IP address so that all traffic to that
host goes to the specified IP address and the exclusion works.
The proxy is capable of scanning secured connections when enabled. Avast generates a "trusted", and "untrusted" SSL CA certificates during installation. The trusted certificate goes into the System Roots keychain. On a secured connection, the proxy initiates the SSL handshake with the destination server, checks the SSL certificate, and sends a new CA certificate signed with the Avast "trusted" or "untrusted" label to the client.
The recreated certificate signing is done according to the following rules:
Applications with hard-coded certificate storage like Dropbox do not work when SSL scanning is enabled unless the hosts they contact, such as client.dropbox.com are in the Avast preferences exclusion list.
See our Troubleshooting tips for more help.