These files are apparently just definitions/input for the actual CrowdStroke driver, that presumably someone named .sys so it sounds more scary and important.
Peak irony then that you can just delete them. Surely an antivirus should recognize when its being rollbacked?
I don’t have a Windows setup, let alone one with CrowdStrike installed, but for this, you have to be in recovery mode to boot, not necessarily to be able to delete that file. For that, admin access may be enough.
Peak irony then that you can just delete them. Surely an antivirus should recognize when its being rollbacked?