• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

ASUS SaberTooth X58 - Virus? AMD64 .inf are unstalled

Joined
Apr 5, 2019
Messages
3 (0.01/day)
Location
Gothenburg, Sweden
System Name Kurnns own Perfect Build Monster PC - Built 2011!
Processor Intel I7
Motherboard ASUS SaberTooth X58
Cooling Air cooling with advanced "draft"
Memory 16GB Corsair
Video Card(s) Geforce GTX 780Ti
Storage 500GB SSD (C), 2 x 2TB SATA storage x 1x 166GB SSD
Display(s) ASUS 26" - 1900 x 1200 in 60Hz
Case Custom designed case for perfect airflow.
Audio Device(s) Realtek on ASUS Motherboard, with driver support for Studio quality
Power Supply Corsair 750 W - High Quality (Cost more then the MB....but it NEVER breaks)
Mouse Regular 2 button mouse with roller in the middle. NO DAMN SPACESHIP GAME MOUSE FFS!
Keyboard Regular Keyboard which was standard 20 years ago.
Software Windows 10, Dragon Browser, Steam games (Civ 6, Master of Orion and Fallout 4 as prime)
Benchmark Scores 8.1, with a 8 years old system. GPU and SSD upgrade 2014. I AM, the master of building systems.
Hey folks

I need help, with....an interesting problem regarding my Asus Sabertooth X58.

Not sure if this is the correct forum for this, (move it please if so)
but I've looked for 2 months now for a solution regarding drivers and cleaning BIOS for ASUS SaberTooth X58.
I built my rig in 2011, and it really should be burned to hell. But I've only added a new SSD as C for more space and !2! Graphic cards. GTX 780Ti And Titan Black.

My PC works fine,
...but I've started to notice odd security issues. Like services like ISS, Web-server, Insider Services etc popping up and I couldnt get rid of em.
Then because I am paranoid, I spent weeks digging in logs to see where these come from. I cant stop remote control of my system no matter what firewalls I put up.

Long story short.
Older ASUS card are targets for attacks that injects in drivers programs and take your pick.
The X58 is a hardarse Motherboard, but it lacks protection from Meltdown and Spectre, which got remedied by a USER in ASUS community.

The problem is you can't completely flush X58 BIOS, and even if I could, I need to find every single "driver" for the motherboard installed in the system.
So far I've tried tons of antivirus scanner.....nothing.
ASUS confirms the issue but since my card is OLD, they...dont give a hut.

This is my card. I have ALL the real drivers for it. I have all the real Intel Firmware for it and I have the correct BIOS.

Has anyone heart of this? Or got any suggestions to me?
Thanks
---Kurnn, The Swedish Goth
 

Regeneration

NGOHQ.COM
Joined
Oct 26, 2005
Messages
1,921 (0.36/day)

AMD64 files are part of the Windows OS. Some editions of Windows come with IIS and its services preinstalled.

IIS and its related services can be removed from the control panel > programs > windows features.

If you suspect your system is infected, you run free removal tool like: McAfee Stinger, Norton Power Eraser, and HiJackThis.

I recommend these AVes for free protection: Bitdefender Antivirus Free Edition and Kaspersky Free.

You can monitor and control which apps/services can have network access with a free firewall like Windows Firewall Control or Comodo.
 
Last edited:
Joined
Apr 5, 2019
Messages
3 (0.01/day)
Location
Gothenburg, Sweden
System Name Kurnns own Perfect Build Monster PC - Built 2011!
Processor Intel I7
Motherboard ASUS SaberTooth X58
Cooling Air cooling with advanced "draft"
Memory 16GB Corsair
Video Card(s) Geforce GTX 780Ti
Storage 500GB SSD (C), 2 x 2TB SATA storage x 1x 166GB SSD
Display(s) ASUS 26" - 1900 x 1200 in 60Hz
Case Custom designed case for perfect airflow.
Audio Device(s) Realtek on ASUS Motherboard, with driver support for Studio quality
Power Supply Corsair 750 W - High Quality (Cost more then the MB....but it NEVER breaks)
Mouse Regular 2 button mouse with roller in the middle. NO DAMN SPACESHIP GAME MOUSE FFS!
Keyboard Regular Keyboard which was standard 20 years ago.
Software Windows 10, Dragon Browser, Steam games (Civ 6, Master of Orion and Fallout 4 as prime)
Benchmark Scores 8.1, with a 8 years old system. GPU and SSD upgrade 2014. I AM, the master of building systems.
Hi!

Thank you kindly for your answer!

I've tried all those
Check, check, check, check and check.

Comodo lasted me dec - early feb, before this came back, grrr.
There are no features to remove. I did not install them. They are not installed.
You only see them in Ccleaner, Kasperskys resque tool and event viewer. CBS.log and DISM + logs shows how someone, not me, is downgrading my system...while Im using it.

There are services running where Microsoft confirmed while connected to my PC, that they are not even allowed to be in a Win 10 HOME. Like an active Bitlocker. Active Hyper-V Server with unlimited Cores.
I was vague about the amd****.inf.
They replace the REAL motherboard driver like the Marvel 9128 SATA RAID driver, for an amd64 bluetooth-Wi-fi-TCP-IP Radio driver. I HAVE NO CLUE HOW, but this is the "line" someone uses to send out packages from my system.

Malwarebytes free service to check your windows, managed to almost get rid of these fake motherboard driver by installing fakes of their own.
Kaspares does something similar, but as soon as the motherboard sniffs internet......stuff happens while you use the puter or not.

I don't suspect my motherboard (not windows/SSD) is infected.
I know so. Confirmed by Microsoft Second line support and ASUS support.

Took 2 screenshots about 1 hour after I finished a CLEAN INSTALL of Win 10, HOME. On a brand new SSD. Installed without internet from a Media creation tool, created at a computer on another site.
Everything is like it should, until I connect to the internet and hook my Win 10 digital license signing into my Microsoft account. Which I had since 2008 (2014 upgraded to win 10).

Before I through away the motherboard, I7 CPU and RAM. And sell my bodyparts to science for a new computer, Im asking my brothers and sisters of computernerdness out there...

heeeelp?
 

Attachments

Joined
Jun 29, 2009
Messages
1,233 (0.31/day)
Location
Heart of Europe
System Name ibuytheusedstuff
Processor 5960x
Motherboard x99 sabertooth
Cooling water
Memory 32 dual ranked
Video Card(s) 1080ti
Storage raptors+ssd
Display(s) 120hz
Case open bench
Power Supply antec 1200 oc
Mouse mx 518
Keyboard roccat arvo
i see ya have 16gb of ram in which configuration if i may ask? like 4x4gb ?
did ya run memtest ?
 
Joined
Oct 22, 2014
Messages
8,064 (3.93/day)
Location
Sunshine Coast
System Name Black Box
Processor AMD 3200G
Motherboard MSI X470 Gaming Plus
Cooling Stock
Memory Adata 8Gb 2133Mhz DDR4
Storage Kingston A2000 512Gb NVME
Display(s) AOC 22" Freesync 1m.s. 75Hz
Case Corsair 450D High Air Flow.
Audio Device(s) No need.
Power Supply FSP Aurum 650W
Mouse Yes
Keyboard Of course
Software W10 Pro 64 bit
It is possible the BIOS is infected, and this could possibly mean a targeted attack.
As those old Motherboards have a BIOS chip that can be swapped I would suggest that, as well as a clean install again on a fresh Hard Drive.
Once up and running, and before you connect online, disable hyperthreading, remote management, and Wake on Lan in the BIOS, and ensure you have a decent Router with a strong password set, as well as a firewall.
 
Top