Hello. The devicewas hacked by a known vulnerability. The admin was given - read, the new admin full. Protected bootloader is set and reformat-hold-button - 4:59.
After resetting by reset, fell into a cyclic reboot at the loading kernel stage (on LCD)
NetInstall is not detected. A console-COM connection gives the following:

RouterBOOT backup booter 3.33
CRS125-24G-1S-RM
CPU frequency: 600 MHz
Memory speed: 220 MHz
Memory size: 128 MB

loading kernel ... kernel not found

That's all. There is no timing for entering bios settings; frantic keystrokes do nothing.
When you hold the reset for 5 minutes and turn on the device, it displays the following:

RouterOS... cleanup
writing settings to flash...writing settings to flash...

and then reboot again

HELP

What is the port you use to perform netinstall?
Did you try again?

What is the port you use to perform netinstall?
Did you try again?

I use all the ports. The port indicator is active on mikrotik, but the network card on the computer shows 0 packets received

Disconnect console before install

Disconnect console before install

of course disconnected

Disconnect console before install

of course disconnected

Have you tried this 20s reset?
"Release the button after LED is no longer lit (~20 seconds) to cause a device to look for Netinstall servers "
Use a switch in between the CRS and the Netinstall PC and disabled firewall on the PC.
Follow the guide:
https://wiki.mikrotik.com/wiki/Manual:Netinstall

Ethernet boot for netinstall is supported only on Port Number 1... You cant perform netinstall using the other ports.

Disconnect console before install

of course disconnected

Have you tried this 20s reset?
"Release the button after LED is no longer lit (~20 seconds) to cause a device to look for Netinstall servers "
Use a switch in between the CRS and the Netinstall PC and disabled firewall on the PC.
Follow the guide:
https://wiki.mikrotik.com/wiki/Manual:Netinstall

the firewall is off, there is no antivirus. I think the thing is
"Warning: If you have set up Protected bootloader, then the reset button's behaviour is changed. Make sure you remember the settings you used to set up the Protected bootloader, otherwise you will not be able to use Eterboot mode and will not be able to reset your device."

Try to perform netinstall on another Mikrotik without problem so you can be sure you do it right....
Also check inside the wiki how we netinstall a device because since you said you tried every port then am not sure you do it correctly....

Try to perform netinstall on another Mikrotik without problem so you can be sure you do it right....
Also check inside the wiki how we netinstall a device because since you said you tried every port then am not sure you do it correctly....

On the PC where Netinstall installed, I previously restored another device, so the problem with firewalls disappears. Why does it respond to a reset within 4:55, does the CleanUP and flash process begin, and is everything reset? So somewhere there is info about the Protected Bootloader.
By the way, there is another same patient with exactly the same hack, it works, but there are no admin rights, so I can’t do anything, just read. I'm afraid to reset it so far so as not to get another brick. The only thing that comes to mind while he is alive is to try to enter the BIOS through the console and put it into Etherboot mode. But the description on the wiki, Protected Boootloader disables the ability to run from the console and NetInstall.