1) Sometimes when all the Shields are on, the network indicator in my Win Xp task bar( you know that small icon with two flashing pc's) indicates that bandwidth is being used, where as i am not browsing the net at all. I have some monthly bandwidth restriction, so is this going to take out too much bandwidth? Why is it happening at all"
Maybe avast is trying to update but we can't be sure.
If you use TCPView you can see what is trying to connect the internet on each time (
www.sysinternals.com).
2)I often get alert messages like "LSASS ATTACK' blocked/ "DCOM EXPLOIT BLOCKED" from im address like xxx.xxx.xxx:135(always port 135) i've searche the net and found that this is Avast! protection against a certain security vulnerability in Windows, But sometimes even the addresses of the LAN network im connected to are shown . Does this mean that they were trying to infiltrate/exploit? And if i turn off the network shield will the DCOM/LSASS exploits harm my pc?(because i never had any firewall on my pc and there have never been extensive damages).
It's not good stay without a firewall. Network Shield is a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious contents. It protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don't infect files but instead they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield. Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.
3) What is the difference between normal scan and boot time scan?
Boot time scanning has fully access to files but not all the archive unpackers are loaded (drivers limitations).
On-demand scanning (normal as you say) could have some 'blocked' (access denied) files but all archive files (*.zip, etc.) are fully scanned. Anyway, don't worry that much because boot time scanning covers all the most common archive file types...