CrowdStrike just pushed a channel file that Is killing Windows systems. Here is how to get them back up and running:
- Boot Windows into Safe Mode or into the Windows Recovery Environment
- Delete the file matching “C-00000291*.sys” in the “C:\Windows\System32\drivers\CrowdStrike” directory. You can do so manually with the following command:
cd \Windows\System32\drivers\CrowdStrike & del C-00000291*.sys - Restart the host and boot it normally
This will prevent the broken driver from loading.
Happy Friday!