The world is witnessing an IT apocalypse. Millions of Windows PCs are crashing with a Blue Screen of Death error and reboot loop, which gets stuck at the “Recovery” screen due to a faulty CrowdStrike patch. If you’ve hundreds or thousands of machines affected by CrowdStrike BSOD, we have a workaround that automates the patch process.
The new method can automatically patch the CrowdStrike Blue Screen of Death (Recovery screen, Windows didn’t load correctly) error by booting all your PCs from a modified WinPE image. Remember that the workaround requires you to use Windows Assessment and Deployment Kit (ADK) for your environment, and it may not work with encrypted PCs.
How to automatically fix CrowdStrike BSOD Reboot Loop on Windows 10
- If you don’t already have the Windows Assessment and Deployment Kit (ADK) for your environment, download and install it from the Microsoft.
- You’ll also need to use Wimlib or Microsoft’s tools to mount the WinPE image. If you’re familiar with DISM, you can try the following command:
dism /Mount-Wim /WimFile:"C:\Path\To\WinPE.wim" /index:1 /MountDir:"C:\Path\To\MountDir"
- In the above code, you need to replace “C:\Path\To\WinPE.wim” with the path to your WinPE image file and “C:\Path\To\MountDir” with the directory where you want to mount the image.
- Once done, you’ll need to edit the startnet.cmd file. In Command Prompt, run the following command:
cd "C:\Path\To\MountDir\Windows\System32"
- Open startnet.cmd in a text editor and add the following lines:
del C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys exit
- Save and close the startnet.cmd file.
- After saving the startnet.cmd file, you need to unmount the WinPE image by using the following DISM command:
dism /Unmount-Wim /MountDir:"C:\Path\To\MountDir" /Commit
If you followed the steps correctly, you have successfully created a new WinPE with patch for CrowdStrike BSOD.
You’ll now need to create a bootable WinPE Media by following these steps:
- Copy the modified WinPE image to a USB drive and make it bootable using a tool like Rufus.
- In Rufus, select your USB drive.
- Choose the modified WinPE image file.
- Click Start to create the bootable USB drive.
- Turn on your impacted system, insert the bootable USB drive, and boot from the USB drive by selecting it in the BIOS/UEFI boot menu.
The system will boot into WinPE and automatically execute the commands in startnet.cmd, deleting the problematic C-00000291*.sys file.
If you want to patch all your devices in the organization, you’ve several options now, including PXE Boot.
You can set up a PXE boot server setup where you can place the modified WinPE image on the server and configure the PCs to boot from the network.
This can make the patch process easier and automate it to some extent.
