Windows 8 offers Early launch Anti-Malware Boot-Start Driver which is not enabled/configured by default, if enabled this boot-start driver lets you choose which boot drivers to be initialized, these drivers can be good, bad, known and unknown drivers. By default in WDP, both good and unknown boot-start drivers are initialized.

boot start driver intialization policy

Early Launch Anti-Malware Boot-Start Driver determines which boot-start drivers to initialize based on ELAM policy setting in Group Policy editor. This boot-start driver classifies each  boot-start driver as below.

Good: The driver has been signed and has not been tampered with.

 Bad: The driver has been identified as malware. It is recommended that you do not allow known bad drivers to be initialized.

 Bad, but required for boot: The driver has been identified as malware, but the computer cannot successfully boot without loading this driver.

Unknown: This driver has not been attested to by your malware detection application and has not been classified by the Early Launch Anti-Malware boot-start driver

Here is how to enable Early Launch Anti-Malware Boot-Start Driver in Windows 8

1. Use Win + R command and type and enter gpedit.msc

2. Navigate to Computer Configuration>Administrative Templates>System>Early Launch Anti-Malware

3. Double-click on Boot-Start Driver Initialization Policy and select “Enabled”, click Apply and Ok to save the changes.

Early Launch Anti-Malware Boot-Start Driver

4. Exit Group Policy Editor.

Users don’t need to enable this feature since there is a chance of Windows prevents loading a good driver which may lead to system crash. This setting more intended for advanced users and system administrators for troubleshooting purposes.

Please share this article

Tweet | Submit to Reddit