Disabling Boot-Time Scan When Canceling is Disabled

 

If you have configured Avast Boot-Time Scan without allowing for it to be canceled (see Allowing Boot-Time Scan Cancellation on Workstations below for more info), you can bypass the scan on end devices the following way:

1. Boot in to the Windows installation media in order to access the recovery options
   • For more information, see Microsoft's articles: Create Installation Media for Windows, and Windows Startup Settings
2. Select Troubleshoot, then Command Prompt

3. In the Command Prompt window, type bcdedit and hit Enter
4. To locate the drive letter of the Windows installation, verify the osdevice under Windows Boot Loader:

5. Type regedit in the Command Prompt and hit Enter
6. Select HKEY_LOCAL_MACHINE, then click File > Load Hive...

7. Navigate to the %systemroot%\System32\Config directory
   • In this example it is C:\Windows\System32\Config
8. Select the SYSTEM file and click Open

9. Enter a key name, such as “test”, and click Ok
   • The hive should successfully load

10. Expand the loaded hive and navigate to ControlSet001\Control\Session Manager
11. Double-click BootExecute, or right-click and select Modify

You should see something similar to the content below:

12. Remove the line beginning with aswBoot.exe, leaving the other entries, and click Ok
    • In most cases, the user will only have autocheck autochk * in the Value data
13. Navigate back to the loaded hive (test, in this example) and select it, then click File > Unload Hive...

14. Close the Registry Editor and Command Prompt, then select Continue to boot to the operating system. The system will now boot normally, bypassing Boot-Time Scan.

Allowing Boot-Time Scan Cancellation on Workstations

For future boot-time scanning, ensure that the checkbox to cancel is ticked when configuring the scan via your console:

 

Business Hub

On-Premise Console

For more information, see Scanning Devices and Configuring Files and Programs Scanned by Antivirus.