CrowdStrike Anti Virus Blue Screen Problem
CrowdStrike Anti Virus Blue Screen Problem and Solution
Windows users, including those running server operating systems, are facing massive outages around the world owing to a new CrowdStrike update that leaves PCs stuck on the blue screen (recovery screen). Reports suggest that the issue has led to massive outages at airports, companies in many sectors, banks and government offices across the world.
Windows users across the globe are experiencing the Blue Screen of Death (BSOD) error, which causes the system to suddenly shut down or restart. Microsoft said in a message that the error is caused by a recent CrowdStrike update.
https://support.microsoft.com/en-us/windows/resolving-blue-screen-errors-in-windows-60b01860-58f2-be66-7516-5c45a66ae3c6
https://www.ndtv.com/world-news/microsoft-global-outage-live-updates-microsoft-faces-global-outage-multiple-users-affected-6138975
The issue, which has caused a massive outage, has garnered widespread attention, prompting a response from CrowdStrike. “CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor,” the company said. “Our Engineering teams are actively working to resolve this issue.” The company also mentioned that symptoms include hosts experiencing a bugcheck/blue screen error related to the Falcon Sensor.
CrowdStrike Anti Virus Blue Screen Problem Solution
Rename the CrowdStrike folder C:\Windows\System32\drivers\CrowdStrike to something else.
CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
Workaround Steps:
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it.
- Boot the host normally.
Do not try to search for the file; go directly to the location, otherwise you won’t be able to rename it.
Or you can do the following with a PowerShell script:
Rename-Item -Path "c:\windows\system32\drivers\crowdstrike" -NewName "crowdstrike.bak"
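The workaround steps above delete only the file matching C-00000291*.sys, while the Rename-Item command renames the whole folder. The script below is an added example of the targeted form (it is not CrowdStrike's or this page's own code); the function name, parameter names and log location are assumptions chosen for illustration.

```powershell
# Added example: targeted form of the workaround steps. Run from an elevated
# PowerShell prompt in Safe Mode. Function name, parameters and log path are
# illustrative and not part of any CrowdStrike tooling.
function Remove-CsFile291 {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Root of the Windows installation, e.g. C:\Windows
        [string]$WindowsRoot = $env:SystemRoot,
        # Where to write a record of what was removed
        [string]$LogPath = (Join-Path $env:TEMP 'cs-file-291-removal.csv')
    )

    $dir = Join-Path $WindowsRoot 'System32\drivers\CrowdStrike'
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "CrowdStrike driver directory not found: $dir"
        return
    }

    # Go straight to the directory and match only the file named in the workaround.
    $files = @(Get-ChildItem -LiteralPath $dir -Filter 'C-00000291*.sys' -File -Force)
    if ($files.Count -eq 0) {
        Write-Output "No C-00000291*.sys file present in $dir; nothing to do."
        return
    }

    foreach ($f in $files) {
        # Capture name, size, timestamp and hash before deletion for the incident record.
        $record = [pscustomobject]@{
            Path         = $f.FullName
            Length       = $f.Length
            LastWriteUtc = $f.LastWriteTimeUtc.ToString('o')
            SHA256       = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
        }
        if ($PSCmdlet.ShouldProcess($f.FullName, 'Delete C-00000291 file')) {
            Remove-Item -LiteralPath $f.FullName -Force
            $record | Export-Csv -Path $LogPath -Append -NoTypeInformation
            $record
        }
    }
}

# Preview first, then run for real:
#   Remove-CsFile291 -WhatIf
#   Remove-CsFile291 -Confirm:$false
```

Unlike renaming the folder, this leaves the rest of the sensor's files in place and keeps a record of exactly which file was removed from each host.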
CrowdStrike BSOD Solution
Uninstall CrowdStrike / Falcon Sensor with PowerShell Script Batch File
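# Target hosts, one name per line
$servers = Get-Content -Path '\\FileServer\servers.txt'
# Falcon maintenance token; it is a secret, so restrict read access to this file
$maintenance_token = Get-Content -Path '\\FileServer\maintenance_key.txt'
# Run the uninstaller on each host. The UNC path is a second network hop from the
# remote session, which default WinRM authentication does not delegate credentials to.
Invoke-Command -ComputerName $servers -Credential (Get-Credential) -ScriptBlock {
    & "\\FileServer\CsUninstallTool.exe" MAINTENANCE_TOKEN=$using:maintenance_token /quiet
}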
Go to Troubleshoot – Advanced Options – Startup Repair
See if Windows startup can repair itself
Go to Troubleshoot – Advanced Options – System Restore
Check to see if you have a restore point you can go back to
If you do not have a restore point, go to Troubleshoot – Advanced Options – Startup Settings and click Restart
Upon restart, press 5 to enter Safe Mode
Once in Safe Mode, back up your data if you do not already have a backup
Open Device Manager and check to make sure all your drivers are up to date
Reboot to see if Windows will start normally
If the above fails, go to Troubleshoot – Advanced Options – Reset this PC
Choose to keep your files and apps, just your files, or to keep nothing
Then start the reset
1) Enable debugging
2) Enable boot logging
3) Enable low resolution video
4) Enable safe mode
5) Enable safe mode with networking
6) Enable safe mode with command prompt
7) Disable driver signature enforcement
8) Disable early launch anti-malware protection
9) Disable automatic restart after failure