CrowdStrike has acknowledged that an error from their side is causing Windows 10 PCs to show Blue Screen of Death (BSOD) errors.
This means that the CrowdStrike security system is causing the whole problem.
It also means you do not have to wait for CrowdStrike to release a patch.
Instead, you can use the following method to prevent the device from the โIt looks like Windows didnโt load correctlyโ loop.
Table Of Contents
Remove the CrowdStrike Files to Get Out of the Loop via Safe Mode
Windows Safe Mode lets you get rid of problematic files within your PC even when you do not have access to it.
In this case, you can access the Safe Mode option to get rid of the CrowdStrike files and make your PC work again. Here are the steps you have to follow.
- When you see the recovery screen, look for an option called โSee advanced repair options.โ
- From the upcoming menu, choose โTroubleshootโ and go to โAdvanced optionsโ.
- Navigate to โStartup Settingsโ and click the โRestartโ button.
- While your PC is restarting, you have to press F4 so that the PC will reboot in Safe Mode.
- Once you have launched Windows 10 in Safe Mode, open Command Prompt/PowerShell
- Use the following command
cd C:\Windows\System32\drivers\CrowdStrike
- To find the problematic directory, use the following command
dir C-0000291*.sys
- Once you find a file with a name similar to C-00000291abc.sys, enter the following command to delete the file:
del C-00000291.sys
Now that you have removed the problematic file from CrowdStrike, your device will be out of the loop.
Rename the CrowdStrike Folder to Disable the Loop via Safe Mode
You can follow the steps we mentioned in the last method to reboot your Windows 10 PC in Safe Mode.
Once you have done that,
- Open Command Prompt/PowerShell
- Navigate to the Drivers directory by entering the following command:
cd \windows\system32\drivers
- Once you find the folder, rename it using the following command:
ren CrowdStrike CrowdStrike_old
You will now be able to boot your PC without the BSOD loop showing up.
Use Registry Editor to Disable the CSAgent to Avoid the BSOD Loop
In this method, you can essentially disable the BSOD screen from loading by disabling the CrowdStrike agent (CSAgent.sys) responsible for this.
- Reboot your Windows PC into Safe Mode
- Once logged in, press Win+R to open Registry Editor
- Find the following path using the sidebar.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CSAgent
- Locate the Start entry and double-click the option
- Change the value to 4 (from 1, which is for enabled)
- The value 4 will disable the service.
- Save the settings, close Registry Editor, and reboot your PC
This time, the CSAgent will not automatically start, preventing the BSOD from appearing in the first place.
These steps will prevent the CrowdStrike drivers from loading in the first place. This way, you can open your Windows PC and get rid of the loop.
Wrapping Up
Once CrowdStrike has issued a patch for the network-wide problem, you may reinstall the system or reverse these actions at your own pace.