Windows CrowdStrike Update Causing Blue Screen of Death: 3 Ways to Fix

CrowdStrike has acknowledged that an error from their side is causing Windows 10 PCs to show Blue Screen of Death (BSOD) errors.

This means that the CrowdStrike security system is causing the whole problem.

It also means you do not have to wait for CrowdStrike to release a patch.

Instead, you can use the following method to prevent the device from the โ€œIt looks like Windows didnโ€™t load correctlyโ€ loop.

Remove the CrowdStrike Files to Get Out of the Loop via Safe Mode

Windows Safe Mode lets you get rid of problematic files within your PC even when you do not have access to it.

In this case, you can access the Safe Mode option to get rid of the CrowdStrike files and make your PC work again. Here are the steps you have to follow.

  1. When you see the recovery screen, look for an option called โ€œSee advanced repair options.โ€
  2. From the upcoming menu, choose โ€œTroubleshootโ€ and go to โ€œAdvanced optionsโ€.
  3. Navigate to โ€œStartup Settingsโ€ and click the โ€œRestartโ€ button.
  4. While your PC is restarting, you have to press F4 so that the PC will reboot in Safe Mode.
  5. Once you have launched Windows 10 in Safe Mode, open Command Prompt/PowerShell
  6. Use the following command

cd C:\Windows\System32\drivers\CrowdStrike

  1. To find the problematic directory, use the following command

dir C-0000291*.sys

  1. Once you find a file with a name similar to C-00000291abc.sys, enter the following command to delete the file:

del C-00000291.sys

Now that you have removed the problematic file from CrowdStrike, your device will be out of the loop.

Rename the CrowdStrike Folder to Disable the Loop via Safe Mode

You can follow the steps we mentioned in the last method to reboot your Windows 10 PC in Safe Mode.

Once you have done that,

  1. Open Command Prompt/PowerShell
  2. Navigate to the Drivers directory by entering the following command:

cd \windows\system32\drivers

  1. Once you find the folder, rename it using the following command:

ren CrowdStrike CrowdStrike_old

You will now be able to boot your PC without the BSOD loop showing up.

Use Registry Editor to Disable the CSAgent to Avoid the BSOD Loop

In this method, you can essentially disable the BSOD screen from loading by disabling the CrowdStrike agent (CSAgent.sys) responsible for this.

  1. Reboot your Windows PC into Safe Mode
  2. Once logged in, press Win+R to open Registry Editor
  3. Find the following path using the sidebar.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CSAgent
  4. Locate the Start entry and double-click the option
  5. Change the value to 4 (from 1, which is for enabled)
  6. The value 4 will disable the service.
  7. Save the settings, close Registry Editor, and reboot your PC

This time, the CSAgent will not automatically start, preventing the BSOD from appearing in the first place.

These steps will prevent the CrowdStrike drivers from loading in the first place. This way, you can open your Windows PC and get rid of the loop.

Wrapping Up

Once CrowdStrike has issued a patch for the network-wide problem, you may reinstall the system or reverse these actions at your own pace.

Subscribe to our newsletter

To be updated with all the latest news

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news

Read More

Suggested Post