Crowdstrike Bug Resolution Instructions

July 19, 2024

(This blog was originally posted at Reveald.com)

How To Resolve The Issue

These instructions were first published by Superuser.com from advice given by Brody N. – Director of Overwatch at CrowdStrike Inc. The Reveald team is actively researching other options and other workflows and will update this blog periodically.

  1. Boot to Safe Mode or the Command Prompt from the WinRE blue screen:
    • Safe Mode:
      See advanced repair options → Troubleshoot → Advanced options → Startup Settings → Restart → Options menu: F4 / 4
    • WinRE Command Prompt:
      See advanced repair options → Troubleshoot → Advanced options → Command Prompt
      • If a machine is stuck on a BSOD and not auto-booted to WinRE:
        1. Reboot machine by holding down power button for ~10s
        2. Once Windows’ bootloader begins loading Windows, repeat 2x
          • Windows will auto-boot to WinRE upon two failed attempts by the Windows bootloader to load Windows
  2. Delete file matching C-00000291*.sys within:

    %WinDir%\System32\drivers\CrowdStrike
    1. Safe Mode:
      1. Open an Admin terminal:

        Win+R → Open: powershell → Ctrl+Shift+OK
      2. Delete file:

        Remove-Item -Path "$env:WinDir\System32\drivers\CrowdStrike\C-00000291*.sys" -Force
      3. Reboot:

        Shutdown /f /r /t 0
    2. WinRE Command Prompt:

      (C: is usually not the OS partition mount point in WinRE)
      1. Obtain mount point of the OS partition:

        ::# Launch DiskPart:

        DiskPart

        ::# List all volumes [partitions]:

        Lis Vol

        ::# Close DiskPart:

        Exit
      2. Delete file:

        Del /f /q "<OSdriveLetter>:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"
      3. Reboot:

        Close Command Prompt → Continue to Windows <#>
  3. Normally boot to Windows
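
The Safe Mode deletion from step 2, wrapped in a function that supports a dry run and records what was removed. This is an added example, not part of the original Superuser/CrowdStrike instructions; the function name `Remove-ChannelFile291` and its parameters are hypothetical, and it assumes an elevated PowerShell 5.1 session. It checks every mounted volume instead of assuming C:.

```powershell
# Added example (not from the original instructions).
function Remove-ChannelFile291 {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Pattern and directory are the ones given in step 2.
        [string]$Pattern     = 'C-00000291*.sys',
        [string]$RelativeDir = 'Windows\System32\drivers\CrowdStrike'
    )

    # Look for the CrowdStrike driver directory on every mounted filesystem volume.
    $dirs = Get-PSDrive -PSProvider FileSystem |
        ForEach-Object { Join-Path $_.Root $RelativeDir } |
        Where-Object { Test-Path -LiteralPath $_ -PathType Container }

    if (-not $dirs) {
        Write-Warning 'No CrowdStrike driver directory found on any mounted volume.'
        return
    }

    foreach ($dir in $dirs) {
        $files = @(Get-ChildItem -LiteralPath $dir -Filter $Pattern -File -Force -ErrorAction SilentlyContinue)
        if ($files.Count -eq 0) {
            Write-Host "$dir : no file matching $Pattern, nothing to do"
            continue
        }
        foreach ($f in $files) {
            # Capture hash and timestamp before deletion for the incident record.
            $hash = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
            if ($PSCmdlet.ShouldProcess($f.FullName, 'Delete channel file')) {
                Remove-Item -LiteralPath $f.FullName -Force
            }
            # Removed is False on a -WhatIf run or if the delete failed.
            [pscustomobject]@{
                Path         = $f.FullName
                LastWriteUtc = $f.LastWriteTimeUtc
                SHA256       = $hash
                Removed      = -not (Test-Path -LiteralPath $f.FullName)
            }
        }
    }
}

# Dry run: lists the files that would be deleted without touching them.
Remove-ChannelFile291 -WhatIf
# Real run (uncomment after reviewing the dry-run output), then reboot as in step 2:
# Remove-ChannelFile291 | Format-List
```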