As you may already know from our previous article, Windows 10 comes with a special Early Launch Anti-malware (ELAM) driver for better security and protection. Here is how to disable it permanently.
The Early Launch Anti-malware (ELAM) driver is a special driver shipped with Windows 10 out-of-the-box. It is enabled by default and serves to protect the operating system against threats at early boot. This is the first boot-start driver Windows 10 starts. It checks other boot-start drivers and enables the evaluation of those drivers. This allows the operating system to decide whether a particular driver should be initialized or whether it should be classified as malware.
This technique is effective against rootkits, which can hide from security software using special drivers they install.
If a required driver is flagged because of a false positive, it won't be loaded by the operating system. Depending on the driver, sometimes Windows 10 is not able to start without it. In another case, a malware driver can prevent the operating system from booting intentionally, and the only way to resolve the issue is temporarily or permanently disabling the Early Launch Anti-Malware protection. This will allow you to update the problematic driver or remove it.
To Permanently Disable Early Launch Anti-Malware Protection in Windows 10, do the following.
- Open an elevated command prompt.
- Type the following:
bcdedit /set {current} disableelamdrivers yes
- Restart Windows 10.
You are done. To revert this change and enable Early Launch Anti-Malware Protection, do the following.
- Open an elevated command prompt.
- Type the following:
bcdedit /set {current} disableelamdrivers on
- Restart Windows 10.
That's it. Thanks to our reader "MazterGee" for sharing this tip.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!
Advertisеment
Thanks for the credit here :)
Thanks for your useful tip!
How do you access the internet after disabling the drivers? I purposely want the drivers off because it takes all my cpu / disc . But I also want to get on the web with them off.
Theres a typo on the command. Should be
bcdedit /set {current} disableelamdrivers no
turning off command does not seem to work on my machine