Disabling Boot-Time Scan When Canceling is Disabled

 

If you have configured Avast Boot-Time Scan without allowing for it to be canceled (see Allowing Boot-Time Scan Cancellation on Workstations for more information), you can bypass the scan on end devices the following way:

1. Boot in to the Windows installation media in order to access the recovery options
   • For more information, see Microsoft's Create Installation Media for Windows and Windows Startup Settings articles
2. Select Troubleshoot, then Command Prompt

3. In the Command Prompt window, type bcdedit and hit Enter
4. To locate the drive letter of the Windows installation, verify the osdevice under Windows Boot Loader:

5. Type regedit in the Command Prompt and hit Enter
6. Select HKEY_LOCAL_MACHINE

7. Click File > Load Hive...

8. Navigate to the %systemroot%\System32\Config directory
   • In this example it is C:\Windows\System32\Config
9. Select the SYSTEM file and click Open

10. Enter a key name, such as “test”, and click Ok
    • The hive should successfully load

11. Expand the loaded hive and navigate to ControlSet001\Control\Session Manager
12. Double-click BootExecute, or right-click and select Modify

You should see something similar to the content below:

13. Remove the line beginning with aswBoot.exe, leaving the other entries, and click Ok
    • In most cases, the user will only have autocheck autochk * in the Value data
14. Navigate back to the loaded hive (test, in this example) and select it, then click File > Unload Hive...

15. Close the Registry Editor and Command Prompt, then select Continue to boot to the operating system. The system will now boot normally, bypassing Boot-Time Scan.

Allowing Boot-Time Scan Cancellation on Workstations

For future boot-time scanning, ensure that the checkbox to cancel is ticked when configuring the scan via your console.