I have some suggestions that serve to make Avast something less than the front line of defense - more like a safety net. This is what I do...
1. Install the MVPS hosts file. When you do regular maintenance, update it. This causes the name resolution for tens of thousands of known parasite web sites to be resolved locally to 0.0.0.0, which keeps the computer from ever reaching the real sites. This alone can reduce the possibility of infection by a gargantuan amount, and as a bonus it blocks most ads.
2. Configure the Internet Explorer browser to avoid running ActiveX from sites in the Internet Zone. This avoids most running of malware and ongoing installation of Add-ons, etc. The default settings in Internet Explorer are far too permissive. You can add sites you really do trust (e.g., your bank) to the Trusted Sites list if they require the browser to be more permissive in order to present their information properly.
3. Teach responsible computing. Let your users know that when they run something they've downloaded they're taking some risk it will do things to their systems and data that may not be what they want. Ask them to research the things they run before they run them.
4. Configure Avast to be as intrusive or unobtrusive as you feel comfortable with, and as you feel the computer can stand. I'd say the less responsible/technical the user, the more of Avast's features you should configure. After doing all the above, a responsible, knowledgeable user really only needs the 3 shields and possibly the software updater.
Determine how demanding of resources the latest Avast with all the bells and whistles enabled will require some time and experience. That's what you're bringing to the party - your expert experience. So get testing! There's no way to know everything about how it's going to work ahead of time.
-Noel