Hi,
If you configured to get the alerts it will pop up you.
Auto Protect is the real time protection based on signatures, while any read writes happens to the system.
SONAR also a real time protection which works on behavioral based signatures.
On which point you suspect the Auto protect is not working? Can you post the logs/ screen capture of the same.
Regards
Ajin