CrowdStrike-rollback.ps1 is a PowerShell script designed to automate the removal of a specific file related to CrowdStrike that may be causing issues on your Windows system. This script should be executed in Safe Mode or the Windows Recovery Environment.
CrowdStrike is a security solution that protects endpoints against threats. However, certain CrowdStrike files may become corrupted or cause issues that prevent the system from functioning correctly. Specifically, a file named C-00000291*.sys in the C:\Windows\System32\drivers\CrowdStrike directory needs to be removed to resolve the problem.
- Ensure you have administrator permissions on the system where the script will be run.
- Save the script as
CrowdStrike-rollback.ps1.
- Restart the system and enter Safe Mode or the Windows Recovery Environment.
- To enter Safe Mode, hold down the Shift key while clicking "Restart" and then select:
- "Troubleshoot"
- "Advanced options"
- "Startup Settings"
- "Restart"
- Select the option for Safe Mode.
- To enter the Windows Recovery Environment, follow a similar process and select:
- "Troubleshoot"
- "Advanced options"
- "Command Prompt".
-
Open PowerShell with administrator privileges.
-
Navigate to the directory where the script was saved.
-
Execute the script with the following command:
.\CrowdStrike-rollback.ps1
This should help automate the process of resolving the issue.