Windows 8 offers Early launch Anti-Malware Boot-Start Driver which is not enabled/configured by default, if enabled this boot-start driver lets you choose which boot drivers to be initialized, these drivers can be good, bad, known and unknown drivers. By default in WDP, both good and unknown boot-start drivers are initialized.
Early Launch Anti-Malware Boot-Start Driver determines which boot-start drivers to initialize based on ELAM policy setting in Group Policy editor. This boot-start driver classifies each boot-start driver as below.
Good: The driver has been signed and has not been tampered with.
Bad: The driver has been identified as malware. It is recommended that you do not allow known bad drivers to be initialized.
Bad, but required for boot: The driver has been identified as malware, but the computer cannot successfully boot without loading this driver.
Unknown: This driver has not been attested to by your malware detection application and has not been classified by the Early Launch Anti-Malware boot-start driver
Here is how to enable Early Launch Anti-Malware Boot-Start Driver in Windows 8
1. Use Win + R command and type and enter gpedit.msc
2. Navigate to Computer Configuration>Administrative Templates>System>Early Launch Anti-Malware
3. Double-click on Boot-Start Driver Initialization Policy and select “Enabled”, click Apply and Ok to save the changes.
4. Exit Group Policy Editor.
Users don’t need to enable this feature since there is a chance of Windows prevents loading a good driver which may lead to system crash. This setting more intended for advanced users and system administrators for troubleshooting purposes.