Real-time protection is a permanently active process. Any file that is used, copied or, accessed is scanned via this module in real-time. This prevents malware from executing; every execution of a file that triggered a detection is automatically blocked and you are notified.
Avira Real-time protection prevents viruses from making changes on your device.
Note
This function is only available in the paid antivirus version.
1. Click the Avira icon in the system tray to open the Avira user interface.
2. Click Security in the left menu.
3. Click Protection options.
4. Click the On/Off switch of the Real-time protection.
Set up what file types are scanned, if archives should be scanned too, and in addition if network attached storages and drives should be monitored.
Real-time protection is very detailed and can be customized completely to suit your needs.
1. Click the Avira icon in your system tray to open the Avira user interface.
2. Click Security in the left menu.
3. Click Protection options.
4. Click the Settings icon 
of the Real-time protection.
5. Go to PC Protection → Realt-Time Protection → Scan in the left menu and select in the Files area what to be scanned.
6. Enable Scan archives and configure the recursion depth, maximum number of files, and size.
7. The enabled Monitor network drivers option in the Drives area means that all files sent to or received from a drive or storage device on the local network are scanned. If Real-time protection is enabled and your system is slow, it may be worth unchecking this option as it can require slightly more system resources.
8. The subcategory Action on detection allows the preconfiguration of what action should be taken if a detection occurs.
9. Interactive is the default value. In this mode, a dialog will appear with each detection asking you which action you would like to take. You can either remove the file by deleting it, moving it to quarantine, renaming it, or leaving it as it is.
10. Automatic lets you set up a primary default action and a secondary one if the first one does not work correctly. 11. The Further actions subcategory allows product events or notifications to be pushed to the default Windows event log.
Note
This option can be used by administrators who track these logs for an overview of what the program detected/what action it performed. The option is active by default. Disabling it will not disable any other Avira error messages.
12. Exceptions also work in a similar way to the on-demand scanner. In addition to excluding files and folders, you can also allowed to exclude processes. Starting a program does not mean using every file. The main part of the program runs as a so-called “process”. As those processes may load files that may contain known false-positives, you will be aware of the risks. If they are huge in size and likely to sap system resources, setting up an exception can be a solution.
13. Heuristic lets you enable or disable heuristics for the on-demand scanner only and select what mode of heuristic detection is used.
You can do this for each product module, making it easier to customize the product to suit your needs.
Note
You need a maximum level of heuristics for Web Protection to prevent any possible infection while browsing, but for Mail Protection it is only used for phishing detection.
14. As the Report file is always increasing in size — with the module constantly analyzing actions/detections/etc., and logging those events in the report — you can limit its size here.
