
Tuesday, July 23, 2024

More BSOD Issues But My Laptop is Fixed

Yesterday my IT department reached out to me via chat and provided instructions on how to get my laptop back from the dead because of the CrowdStrike BSOD. I immediately responded that I knew what to do but did not have administrator access for my laptop. A minute or two later, the contact provided me with a new login with admin privileges and the corresponding password. I am keeping that information should I need it in the future.

I rebooted my laptop into safe mode and logged in using the new credentials. As it is the first time anyone has ever logged into the machine with that user name and password, Windows had to set up a number of things with a lot of restrictions because of running in safe mode. It took about 5 minutes to complete. Unfortunately I experienced a new set of issues to overcome.

I had hoped I could just go into the command-line tool to navigate to the directory with the offending file. Unfortunately I couldn't get it to load. I had to right-click on the Windows menu and bring up the File Explorer. I put in the explicit path in the navigation field and successfully entered the directory. Then I scrolled down to the "C-00000291 . . ." file and right-clicked on the file name. One of the options in the menu is "Delete" and I clicked it. Then just to be sure, I emptied the Recycle Bin as I didn't want anything to try and recover that file. The final step was a reboot. Then my computer came up without issue.

I made sure to thank the IT person and let him know my computer revived from the dead and I could start working. He thanked me for the confirmation and moved off to another system to restore.

The fix for the CrowdStrike problem is actually fairly simple on paper. The problem comes from Microsoft Windows and how it is impossible to fix without having someone log into each individual machine to remove a single file. That further gets complicated by various configurations like safe mode not being able to send output to the monitor on a DisplayPort or a new user with administrator privileges logging into a machine for the first time. So when you wonder why Delta Airlines can't get their machines back up and running quickly so you can fly home from a vacation, hopefully my journey has provided you with some understanding.

Sunday, July 21, 2024

BSOD Update with a Twist

Today I came across a friend with a computer experiencing the Blue Screen of Death (BSOD) caused by the CrowdStrike update on Friday. He and I are both computer experts in that we work solving computer problems on a daily basis. We both knew the steps to deal with the problem once we got the computer to boot in safe mode. The trick was figuring out how to get it up in safe mode.

The computer in question had two ports to connect to monitors but only had a single monitor. One port had an HDMI interface while the other had a DisplayPort interface. They are slightly different but have somewhat similar cables. As luck would have it, the monitor for the computer only had a DisplayPort cable and so that is what the computer used. Unbeknownst to us, when Windows tries to boot in safe mode, it cannot talk to the DisplayPort and has to use the HDMI one.

The way to recognize this is that the computer will reboot twice and on the third time nothing will be displayed. Hitting the return key will cause the computer to reboot and try to do 3 more reboots before going dark again. My friend and I tried a number of ways to force the machine to boot into safe mode but that only brought the blank screen.

On a whim, I suggested we remove the DisplayPort cable and try to boot using an HDMI monitor. This means we had to grab a TV from another room and bring it into the same room as the computer. We also had to completely unplug the DisplayPort cable from the computer and connect the HDMI cable. Once we did that, we went through the required three reboots and on the third time got the computer running in safe mode. We deleted the offending file and rebooted the computer. It worked well. Furthermore, we just unplugged the HDMI cable and re-inserted the DisplayPort cable. We didn't have to shut down the machine or change any hardware settings. The original display worked fine and we could use the computer.

If you find yourself getting to the third reboot and a blank screen, you may just need to try an HDMI cable instead of a DisplayPort one. My hope is that this advice helps someone out there still experiencing trouble.

Friday, July 19, 2024

The Windows Blue Screen of Death

This morning I woke up and headed down to my office in the basement. I knew something was wrong when I saw a light as I walked down the darkened stairs. It came from my work laptop and that is not normal. I figured an update happened overnight and that turned out to be the case. Then I looked at the screen and saw the dreaded Windows Blue Screen of Death or BSOD for short. I only have one meeting on Fridays and so I followed the on-screen instructions to try and get the laptop ready for that 11am appointment. With no luck, I stopped playing before I did some damage to the laptop and went for my morning bike ride.

That last sentence probably is worth repeating: I stopped playing before I did some damage to the laptop and went for my morning bike ride. Oftentimes when experiencing a computer problem it is best to take a step back and think through ALL of your options before proceeding. During my ride I figured that I probably was not the only one experiencing this issue and I should figure out how to check my work e-mail to see if there might be a memo about the problem.

Fortunately there is a website I can go to on my personal Mac. It took some hunting around but I found it and had no fewer than 5 e-mails telling me about the problem and that there is a fix. My company, Sony, also sent an e-mail to my personal e-mail account telling me to file an IT ticket with our internal help system. I did.

This is not an isolated issue. CrowdStrike is a security vendor that a lot of companies use to help secure their computers. Last night they sent an update that caused the BSOD for not just a number of Sony computers but also airlines, banks, and government offices. There is a simple workaround to get your computer back from the dead. The only catch is that you have to have administrator privileges for your computer. Sony has locked me out so I can't delete the file. Should you have administrator privileges, here are the steps to get your computer working again:

  1. Boot your computer in Safe Mode. This means letting your computer try to reboot 3 times and then it will bring up a screen that asks you to Troubleshoot or turn off your computer, among other options. Use the arrow keys to select "Troubleshoot." At the next screen, select "Startup Settings" and choose option 4 or 5 which boots the computer in safe mode. Here are Microsoft's instructions.
  2. Once your computer is up and running, open the command-line tool. Usually you can go to the search bar at the bottom of the screen and type "cmd" which will bring up the command-line tool.
  3. Change the working directory to the right one using: cd C:\Windows\System32\drivers\CrowdStrike
  4. When I try to change directories I get an "Access Denied" error but if you don't get that error you are in the right place to delete the offending file which can be done with: del C-00000291*.sys*
  5. Reboot your computer and you should be good to go.
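
Steps 2 through 4 can also be run as a single script from an administrator PowerShell prompt in Safe Mode. The script below is an added example, not part of the original post and not vendor-supplied code; it uses only the directory and file pattern given in the steps, checks for the administrator rights whose absence causes the "Access Denied" error, and lists what it is about to delete before removing anything.

```powershell
# Added example: scripted form of steps 2-4. Run from an elevated PowerShell
# prompt in Safe Mode. Path and file pattern are the ones given in the steps.
$dir     = 'C:\Windows\System32\drivers\CrowdStrike'
$pattern = 'C-00000291*.sys*'

# The "Access Denied" case from step 4: stop early if the session is not elevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not $principal.IsInRole($adminRole)) {
    Write-Error 'Not running as administrator; the delete would fail with Access Denied.'
    exit 1
}

if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
    Write-Error "Directory not found: $dir"
    exit 1
}

# List what matches before touching anything, so the operator can see it.
$targets = @(Get-ChildItem -LiteralPath $dir -Filter $pattern -File -Force)
if ($targets.Count -eq 0) {
    Write-Output 'No matching file found; nothing to delete.'
    exit 0
}
$targets | Select-Object Name, Length, LastWriteTimeUtc | Format-Table -AutoSize

foreach ($file in $targets) {
    try {
        Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
        Write-Output "Deleted $($file.Name)"
    } catch {
        Write-Error "Could not delete $($file.Name): $($_.Exception.Message)"
        exit 1
    }
}

# Confirm nothing matching remains; the reboot in step 5 is left to the operator.
if (Get-ChildItem -LiteralPath $dir -Filter $pattern -File -Force) {
    Write-Error 'Matching files still present.'
    exit 1
}
Write-Output 'Done. Reboot the computer to leave Safe Mode.'
```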

Hopefully this helps you get back on your computer. Unfortunately I need to wait until I hear back from my IT department. Too bad it isn't winter or I could totally get away with going skiing. Instead I will work on something else that I can do with just e-mail and limited network access to the office.