A increasingly popular technique for rootkits is to install malicious drivers that start very early in the boot process. Malware launching in this manner makes it very hard to detect or remove infections without using specialized tools and techniques. To combat this, Microsoft has added a new feature to Windows 8 called Early Launch Anti-Malware Protection. This feature allows certified antivirus programs that support early launch to load their own driver before almost all Windows boot drivers. This antivirus driver will then scan each and every boot driver that attempts to load and depending on how early launch is configured and whether the driver was detected as malware, will block it from loading. If these malware boot-start drivers are unable to load, then the rest of the malware infection does not become activated and it is much easier for your antivirus software to remove the infection.
If a driver is classified as malware by Early Launch Anti-Malware Protection because it is malicious or because of a false positive, the driver may not be allowed to load. If this is a necessary driver for Windows to start properly, then we could have a problem where Windows is unable to boot up properly. To protect Windows from a situation like this, Microsoft added a method for you to disable Early Launch Anti-Malware Protection during a boot so that you can resolve your issues by either updating your virus detections or removing the problematic malware driver. Then the next time you reboot your computer, Early Launch Anti-Malware Protection will automatically start again and continue protecting your computer.
This tutorial will walk you through disabling the Early Launch Anti-Malware Protection so that you can resolve any issues that may be causing Windows to not start properly. To do this please follow these steps to access the Startup Settings screen.
Please type Advanced on the Windows 8 Start Screen. When the search results appear click on the Settings category as shown in the image below.
Now click on the option labeled Advanced startup options and you will be brought to the General PC Settings screen. Scroll down to the bottom until you see an option labeled Advanced startup. Click on the Restart now button and Windows 8 will restart your computer and go directly into the Advanced Startup options menu.
Now click on the Troubleshoot button and then the Advanced options button. You will now be at the Advanced options screen where you should click on the Startup settings option.
At the Startup Settings screen, click on the Restart button. Your computer will be restarted and brought into the Startup Settings menu as shown below.
Now press the number 8 on your keyboard. This will launch Windows, but with the early launch anti-malware protection disabled. You can now login to Windows and update your virus definitions or perform further scans for malicious programs that may be causing Windows to not start properly. The next time you reboot, Early Launch Anti-Malware Protection will be enabled again automatically.
If you have any questions regarding this process, please feel free to ask us in the Windows 8 Forum.
No comments:
Post a Comment