Windows 10: Boot loop on repeat after a potential malware infestation. Debugging help needed.

Hello,



Upon yesterdays force hard shutdown ( power button power off ) Windows 10 Pro 64x had trouble booting. I wouldn't even load the kernel I would guess because i heard either disk or a fan restarting every second or so as if the whole system resented every second or so but in a continuous loop. Successfully stopped this loop by switching power state of the power source to off. After switching it back after i tried squeezing all that was left by disconnecting power cord, switching on pc and then reconnecting power cable and starting a pc I decided to investigate this reoccurring issue further via the event logs as my starting point.

Last log from yesterday has this in it :



"A service was installed in the system.



Service Name: MpKsl4aaaa532

Service File Name: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1F22D72D-6D17-4FD0-AC1C-243F2B5A8D70}\MpKslDrv.sys

Service Type: kernel mode driver

Service Start Type: demand start

Service Account: "



Could this be a source of the boot loop i encountered ? Where should I go from here in terms of investigation of this problem ?



Yesterday I ran set online scanner while being disconnected from my Internet via lan cable by disconnecting it first because of few of these shutdowns happening during regular (overclocked but automatic overclock by Radeon official software). without any malware detected as a result.

"Clean" reinstall of windows happened not longer than a month ago upon which i used a win10 Debloater from official source page of GitHub coincidentally because of these non-apparent reasoned reboot which sometime resulted in boot loop and sometimes they didn't( I had to basically play with powers itch on power source and on computer itself and tried disconnecting the power cord during first few bits of a second so i would break the loop somehow because I had thought this may be hardware problem, in particular power source.)



Today's entries of startup sequence contained what I think are another interesting entries :

"The leap second configuration has been updated.

Reason: Leap second data initialized from registry during boot

Leap seconds enabled: true

New leap second count: 0

Old leap second count: 0"

"The iommu fault reporting has been initialized."



What I'm mostly interested in solving is a boot loop because of malware infection, but with malware infection underlined. Also I do think first log entry i mentioned in this rant/call for help is the culprit I think because no google result returned after searching for MpKslDrv.sys ... I think It is possible for malware to disguise without and issue and replicate on a disk I did not securely erase but disconnected and then reconnected.. But....

....Any and all suggestions or solutions are welcome and appreciated. Don't hesitate to ask either.

submitted by /u/kam00p
[link] [comments]

:)

 

Windows 10 boot loop possible malware

Hi my Asus zenbook pro running Windows 10 is stuck in some kind of a boot loop where it turns on shows the logo acts like it's going to start up then turns off and does it again. I cannot access my desktop and I'm pretty sure it might be a virus or malware
that is doing this but I cannot solve the problem of the virus or whatever it is because it is stuck in this loop. Any help or suggestions will go a long way thanks!

 

Windows 10 boot loop possible malware

Hello,

I realize the inconvenience you are experiencing with Windows 10. I will certainly help you.

Try the below steps and check if it helps:

Step 1: I suggest you to install Windows 10 using the media creation tool:

Installing Windows 10 using the media creation tool

Step 2: After installing Windows 10, perform an Automatic Repair.

Follow these steps:

• When your computer starts, wait for the manufacturer logo to check the option for boot menu, it will usually be
  F12.
• The boot menu key might differ with each manufacturer. If you are unable to find the boot menu key, you may refer the user manual.
• Restart the computer, when the manufacturer's logo is displayed, keep pressing the
  Boot menu option key to enter the boot menu and change the boot option to
  CD\DVD ROM.
• After you boot your computer using Windows 8 DVD, a black screen appears with gray text "Press any key to boot from CD or DVD". Press any key.
• Select the correct time and Keyboard type.
• Click Repair your computer in the lower left corner
• Click on Troubleshooting, advanced option and then click
  Automatic repair.

Hope this information helps. Feel free to get back to us for further queries. We will be happy to assist you.

 

Win10 Slow boot time. Help debug with Windows Performance Analyzer

Hi,

I think that the issue is caused by the "Generic HDD SCSI Disk Device" driver





you have 8 disk drive attached to your computer:

1. Samsung SSD 860 EVO 500GB
2. Samsung SSD 850 EVO 250GB
3. ST4000DM004-2CV104
4. TOSHIBA DT01ACA200
5. WDC WD20EARX-008FB0
6. Generic HDD SCSI Disk Device
7. Seagate BUP BK SCSI Disk Device
8. Kingston DT Elite G2 USB Device

I would suggest you uninstall the Generic driver from the device manager;

• Open device manager and display the hidden devices;
• Generic "HDD SCSI Disk Device" under disk driver and uninstall it.