Smart scan and Data Execution Prevention warning

Can someone please tell me why Avast throws this error every time I run Smart Scan?

https://i.imgur.com/C6YLITY.png

Avast and virus definitions are updated and I have never changed any settings in Windows Security App.

Probably DEP is disabled in your Windows. This is a vulnerability. Avast offers to solve this problem but you can do it without avast.
To enable it, run cmd as administrator and execute: bcdedit.exe /set {current} nx AlwaysOn

Thanks for the reply, Nom.
MS says that “DEP is turned on by default, but if you need to turn it off (or back on), you can do that in the Windows Security app.”
However, when I check Windows Security, its says “no action needed”. On the Exploit protection>System Settings, all the settings are set to “use default (On)” including Force randomization for images (Use default off). ???

Run cmd as administrator and execute:
wmic OS Get DataExecutionPrevention_Available
If response - TRUE - DEP is turned on.

wmic OS Get DataExecutionPrevention_SupportPolicy
If response - 2 - Policy by default - DEP is turned on only for system, if 1, 3 - turned on for all process.

I’ve already run the first command and response is TRUE.
SupportPolicy response is “2”.
I’m reluctant to enable DEP for all process because of this:

"While Data Execution Prevention is a valuable feature, not all software and hardware fully supports it. For this reason, your PC may experience certain issues and error messages owing to the conflicts some Windows processes face when working with DEP."
and this
"For the home user, old games that are 32-bit, and some emulators for playing even older games, are the most likely to conflict with DEP."

You’re right. That’s why I never use smart scan. Excessive striving for security is sometimes more harmful than viruses.
Avast does not understand this and becomes dangerous as a paranoid. More and more I have to protect the software from it.

I don’t use it either, but for different reasons, it (for me) is more a vehicle fr promoting other Avast Paid products (the so called Advanced Issues).

I also tend not to run on-demand scans (including Smart), in an on-access antivirus like Avast these are much depreciated, if they were active the AV would have scanned them. If they were dormant then is there a need to scan.

I absolutely agree. It is marketing, not security. Of course, you can get information, but it is not always useful.

I am sorry that I hijacked subject but is sims proper cause I same problem and now can’t set things as they were. I agreed to AVAST turn on DEP and just before restarting I found this page and using this command in CMD I saw my DEP is on 2. Now I can only switch it from 0 and 1 and check is always TRUE .
In Control Panel under data execution prevention tab there are two option and now they both are grayed out . I can’t use this settings at all. And i could but thhey didn’t work as should.
After restart policy was 3 then using bcdedit.exe /set {current} nx AlwaysOff and bcdedit.exe /set {current} nx AlwaysOn I just swich 0 and 1 and windows options for changing DEP have no effect at all.
Please help. Thanks for any response cause I am desperate , already lost many hours trying to solve this.

EDIT - I found soution just after writing this. For those who will serach for same problem you can change policy from 0 to 3 with 4 command. Basic line in CMD is " bcdedit.exe /set {current} nx " and than after empty space add AlwaysOff for 0, AlwaysOn for 1 , Optin for 2 and Optout for 3. 2 is deafult for most users I would say .

I’ve posted about this yesterday. For some reason Avast wants to enable DEP for ALL apps and not just default Windows and system apps. Would be nice if Avast team communicated this better than just warning users like they have it off when it’s just being set to default. Because if you click resolve like I did just to see what happens, it actually flips DEP setting from default (Windows apps and services only) to “resolved” which is ALL apps and services.

I’ve not spotted any issues so far, but still, we know DEP caused problems for old(er) apps. Is this fixed now and they feel confident to turn it fully on? You’d think Microsoft would have that confidence, not 3rd party security company.

Unfortunately I saw this for the first time today. I NEVER run smart scan or any other type of scan because I know what I’m doing.

Avast set a smart scan to run on the first day of every month at 6:00pm CST. Today was the first time this has happened and this OS install and Avast install are at least 5 years old.

The DEP warning came up, which was invalid because it’s already turned on at level 2 which is what I want. I verified this using the command in the post above.

Then it lists a bunch of “advanced issues” trying to upsell their premium product. One of them was that remote desktop services was vulnerable. I explicitly disabled remote desktop services because I don’t need anyone to remotely login to my PC, ever, for any reason.

I forget what the others were, but there were 9 all total. The most absurd was the Remote Desktop warning because the services are disabled on my PC and therefore completely inaccessible.

Thankfully as you finish the process there is a checkbox that allows you to turn off the scheduled smart scan feature.

I prefer Avast to MS Defender because it’s better about not giving false positives at least it was 5 years ago, lol.