Reader Level:
ARTICLE

Early Launch Antimalware Boot Start Driver in Windows 8

Posted by Prabhakar Maurya Articles | Windows 8 September 26, 2012
In this article we are explaining Early Lunch Antimalware Boot Start Driver in Windows 8.
  • 0
  • 0
  • 2904

Introduction

Windows 8 provides a new security feature "Secure Boot" that protects the Windows boot configuration and Windows components The Early Launch Anti-Malware (ELAM) driver is loaded at the time of booting. The ELAM driver starts before other boot-started drivers and enables the evaluation of those drivers and helps the Windows Kernel decide whether key should be initialized and whether key should not be initialized.

The Boot driver are inclination based on classification that is returned from the ELAM driver according to an initialization policy. By default the policy initializes for good and Unknown and does not initialize for known bad drivers. If you want to prevent an Unknown driver from being initialized or enable a driver that is critical to the boot process then you can specify a custom policy through group policies.

The ELAM driver classifies the driver as follows:

  • Good: The driver is signed and has not been tempered with.
  • Bad: The driver has been identified as malware. It is recommended that you do not allow the known bad driver to be initialized.
  • Bad, but required for boot: This driver is identified as malware but the computer cannot successfully boot without loading this driver.
  • Unknown: This driver has not been determined to be your malware by a detection application and has not be classified by the ELAM driver.

How to configure the boot start driver initialization policy

Step 1

Move the cursor on the right-button and select "search".

Desktop-Screen-Windows8.jpg

Step 2

In search box type "gpedit.msc" and click on the window that is shown.

Search-Box-Windows8.jpg

Step 3

The "Local Group Policy Editor" window will be opened.

Local-Group-Policy-Editor-Windows8.jpg

Step 4

In the Local Group Policy Editor window click on "Administrative Template > System > Early Launch Anti-Malware".

Early-Lunch-Anti-Malware-Windows8.jpg

Step 5

In this step click on "Boot Start Driver initialization policy" and then "Policy Setting".

Boot-Start-Driver-Windows8.jpg

Step 6

The Boot Start Start Driver Policy window will be opened.

Policy-Setting-Windows8.jpg

Step 7

In this step click on "Enable" and choose the boot start driver, then click on "OK" to apply this setting.

Change-Policy-Setting-Windows8.jpg

Step 8

Restart your computer.

COMMENT USING

Trending up