CrowdStrike Logo

How to Fix CrowdStrike Issue?

Workaround Steps for Individual Computers

Reference: CrowdStrike's Website

Step 1: Reboot the Computer

  1. Connect to a Wired Network: Plug an Ethernet cable into your computer for a faster and more reliable internet connection than Wi-Fi.
  2. Restart the Computer: Click the Start menu, select the Power icon, and choose Restart. This allows the computer to download necessary files.
  3. Check for Crashes: After restarting, see if the computer crashes again. If it does, move on to the next steps.

Step 2: Boot into Safe Mode or Windows Recovery Environment

  1. Enter Safe Mode: Press and hold the Shift key, then click Restart from the Start menu. Your computer will restart and display a menu. If this doesn't work, alternatively, hold down the F8 key before the Windows logo appears on the screen.
    Select Troubleshoot > Advanced options > Startup Settings > Restart. After restarting, select option 4 (Safe Mode) or option 5 (Safe Mode with Networking) by pressing the corresponding number on your keyboard.
  2. Use Safe Mode with Networking: This option helps by allowing internet access to download necessary files while in Safe Mode.

Step 3: Navigate to the CrowdStrike Directory

  1. Open Command Prompt: In Safe Mode or the Windows Recovery Environment, select Troubleshoot > Advanced options > Command Prompt.
  2. Go to the Correct Drive: Type C: and press Enter to switch to the C: drive (most common drive for Windows installations). Then type cd windows\system32\drivers\crowdstrike and press Enter to go to the CrowdStrike folder.
  3. If C: Drive is Not the Windows Drive: The drive letter might be different in the Windows Recovery Environment. Try other letters like D: or E: until you find the correct one. Then navigate to the CrowdStrike folder using the same cd command.

Step 4: Delete the Specific File

  1. Find the File: In the Command Prompt, type dir C-00000291*.sys and press Enter. This will list the file you need to delete.
  2. Delete the File: Type del C-00000291*.sys and press Enter to delete the file. Be very careful not to delete any other files or folders.

Step 5: Cold Boot the Computer

  1. Shutdown the Computer: Press and hold the power button until the computer turns off.
  2. Start the Computer: Press the power button to turn the computer back on.

Note for Bitlocker-Encrypted Computers

Recovery Key: If your computer is encrypted with Bitlocker, you may need to enter your recovery key during this process. Make sure you have it handy. More info

Additional Information

  • Wired Connection: Using a wired Ethernet connection during these steps ensures a stable and fast internet connection for downloading necessary files.
  • Safe Mode and Windows Recovery Environment: These special modes load only essential system files and drivers, making it easier to fix problems.
  • Fix using a USB Bootdevice: Guide