• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Probable mining virus or simple virus infection after flashing BIOS

Chipe

Chipe

New Member
Joined
Jun 28, 2023
Messages
6 (0.01/day)
Let me tell you about my experience...

I have an Asus P6T Deluxe V2 motherboard with the X58 chipset (yes, quite old; I've had it since it was new, about 10 years ago, I believe). A few months ago, I decided to install an M.2 drive. I purchased a PCIe card and the M.2 drive. To my surprise, the system (BIOS) didn't recognize it. I spent some time searching for solutions and only found a boot loader on a USB drive that serves as a bridge for booting up. Well, while browsing forums (TechPowerUp Forums), I came across a technician (İsmailTPC_Hastanesi), it seems he's from Turkey, and if you know him i mean his work you know, he is the man! the master for that, also the comments and gratitude regarding his work and assistance were all positive, he is a crack on the topic. he help the people to modifies X58 BIOS he already have alot of firmware for several mothers.

I have an XPG M.2, apparently not on the firmware's list. When I sent him the M.2's code information for he enters the code lines on his firmware and work, it was too late; he announced that he couldn't help anymore because it takes too much time and he has obligations at work.

I wrote to ask for his help, offering compensation for his work, but he didn't respond. However, another forum member sent me a message (inbox), offering to help for the same compensation to add the M.2 to the firmware. I agreed, sent the information, but after some time, nothing happened. After several weeks, he contacted me, sent it, and said that if it worked, I should help with the compensation. Everything worked smoothly without any issues. I tried to contact him to express my gratitude and compensate him, but he never responded again.

I have an i7 950 3.07GHz with a liquid cooling AIO Cougar Gamer 120m, and here's where it all begins. Suddenly, the temperature gradually rises from one moment to another, reaching up to 100 degrees without having many apps open or using a significant percentage of CPU. Obviously, before it reaches the peak, I turn it off and wait for it to cool down, sometimes until for a couple of hours or more. When I turn it back on isn’t goes back to normal continue up the temperature it seems almost in the same point that turned it off. But when this one not happened the CPU working well at 25 or 30 degrees, even when using multiple programs. Currently, as I write this, it's at 27 degrees, and even when gaming and performing other tasks simultaneously, it only goes up to 70 or 75 degrees.

Even without entering Windows, just in the BIOS, the temperature keeps rising to the maximum and reaches 100, either inside the BIOS or within Windows. After reaching the peak, whether only in the BIOS or in Windows, it either shuts down on its own or I turn it off, and when I restart it without waiting for it to cool down, it works normally, returning to its normal levels, as if reaching 100 degrees were a task, and once completed, it returns to normal levels.

I think it could be a virus in the BIOS mining, causing the processor to accelerate and overheat. A virus that cannot be detected or removed because it's in the BIOS and activates from time to time, pushing it to the limit for intense mining. It's also possible that the BIOS is corrupted from being modified by a third party, infected or is incorrectly modified by the firmware modified by the forum member (not İsmailTPC_Hastanesi). If so, I can't revert to the original manufacturer's BIOS because I lose access to the M.2 and, consequently, the entire system.

my big quesiton... Is it possible for this to happen? it is a virus in the bios, what can I do to detect it and if positive, eliminate it?

Or could it be a problem with some other hardware like CPU or some other compon of the motherboard, could it be the AIO cooling? The strangest thing is that... the CPU heats up, it goes up, it doesn't go down until it reaches 100 degrees, after that it returns to normal temperature with any out wait time for cooling. It is worth mentioning that the percentage of CPU used is not greater than 20% or maximum 30% when the CPU is already reaching its maximum 100 degrees.

Greetings in advance and thank you for your support.
 
You should replace your CPU thermal paste and check if the fan from the cooler is working and that the cooler is correctly mounted, i dont think you have any mining virus in your bios , at worst i think it can be bugged, you can always reflash the original bios back.

P6T Deluxe V2 - Support

www.asus.com www.asus.com
 
Flash a proper bios from Asus and honestly, accept the sata SSD speeds. NVME can be used for fast storage and if you're really, really needing NVME boot there is only one thread on this forum that has a huge bank of x58 modded bios files. I don't have a link to it sadly.

This is just something I personally wouldn't do to either of my x58 boards.
 
Chipe said:
Let me tell you about my experience...

I have an Asus P6T Deluxe V2 motherboard with the X58 chipset (yes, quite old; I've had it since it was new, about 10 years ago, I believe). A few months ago, I decided to install an M.2 drive. I purchased a PCIe card and the M.2 drive. To my surprise, the system (BIOS) didn't recognize it. I spent some time searching for solutions and only found a boot loader on a USB drive that serves as a bridge for booting up. Well, while browsing forums (TechPowerUp Forums), I came across a technician (İsmailTPC_Hastanesi), it seems he's from Turkey, and if you know him i mean his work you know, he is the man! the master for that, also the comments and gratitude regarding his work and assistance were all positive, he is a crack on the topic. he help the people to modifies X58 BIOS he already have alot of firmware for several mothers.

I have an XPG M.2, apparently not on the firmware's list. When I sent him the M.2's code information for he enters the code lines on his firmware and work, it was too late; he announced that he couldn't help anymore because it takes too much time and he has obligations at work.

I wrote to ask for his help, offering compensation for his work, but he didn't respond. However, another forum member sent me a message (inbox), offering to help for the same compensation to add the M.2 to the firmware. I agreed, sent the information, but after some time, nothing happened. After several weeks, he contacted me, sent it, and said that if it worked, I should help with the compensation. Everything worked smoothly without any issues. I tried to contact him to express my gratitude and compensate him, but he never responded again.

I have an i7 950 3.07GHz with a liquid cooling AIO Cougar Gamer 120m, and here's where it all begins. Suddenly, the temperature gradually rises from one moment to another, reaching up to 100 degrees without having many apps open or using a significant percentage of CPU. Obviously, before it reaches the peak, I turn it off and wait for it to cool down, sometimes until for a couple of hours or more. When I turn it back on isn’t goes back to normal continue up the temperature it seems almost in the same point that turned it off. But when this one not happened the CPU working well at 25 or 30 degrees, even when using multiple programs. Currently, as I write this, it's at 27 degrees, and even when gaming and performing other tasks simultaneously, it only goes up to 70 or 75 degrees.

Even without entering Windows, just in the BIOS, the temperature keeps rising to the maximum and reaches 100, either inside the BIOS or within Windows. After reaching the peak, whether only in the BIOS or in Windows, it either shuts down on its own or I turn it off, and when I restart it without waiting for it to cool down, it works normally, returning to its normal levels, as if reaching 100 degrees were a task, and once completed, it returns to normal levels.

I think it could be a virus in the BIOS mining, causing the processor to accelerate and overheat. A virus that cannot be detected or removed because it's in the BIOS and activates from time to time, pushing it to the limit for intense mining. It's also possible that the BIOS is corrupted from being modified by a third party, infected or is incorrectly modified by the firmware modified by the forum member (not İsmailTPC_Hastanesi). If so, I can't revert to the original manufacturer's BIOS because I lose access to the M.2 and, consequently, the entire system.

my big quesiton... Is it possible for this to happen? it is a virus in the bios, what can I do to detect it and if positive, eliminate it?

Or could it be a problem with some other hardware like CPU or some other compon of the motherboard, could it be the AIO cooling? The strangest thing is that... the CPU heats up, it goes up, it doesn't go down until it reaches 100 degrees, after that it returns to normal temperature with any out wait time for cooling. It is worth mentioning that the percentage of CPU used is not greater than 20% or maximum 30% when the CPU is already reaching its maximum 100 degrees.

Greetings in advance and thank you for your support.
Click to expand...
Here you go , i found a modded bios for your MB on TPU:

www.techpowerup.com

2022-X58/1366 PIN Motherboards NVME M.2 SSD BIOS MOD Collection

Yeah i have read it all the above so the information Asus p6t deluxe v2 -hardware ids PCI\VEN_2646&DEV_5013&SUBSYS_50132646&REV_01 PCI\VEN_2646&DEV_5013&SUBSYS_50132646 PCI\VEN_2646&DEV_5013&CC_010802 PCI\VEN_2646&DEV_5013&CC_0108 Thank you very very much
www.techpowerup.com www.techpowerup.com
 
izy said:
Deberías reemplazar la pasta térmica de tu CPU y verificar si el ventilador del disipador está funcionando y si el disipador está montado correctamente. No creo que tengas ningún virus de minería en tu BIOS. En el peor de los casos, creo que puede tener errores, siempre puedes actualizar. la bios original de vuelta.

https://www.asus.com/us/supportonly/p6t deluxe v2/helpdesk_bios/
Click to expand...

izy said:
You should replace your CPU thermal paste and check if the fan from the cooler is working and that the cooler is correctly mounted, i dont think you have any mining virus in your bios , at worst i think it can be bugged, you can always reflash the original bios back.

P6T Deluxe V2 - Support

www.asus.com www.asus.com
Click to expand...
At first it was what I thought, changing the paste, I already did it with Thermal Grizzly Kryonaut but it continued the same,

the fan works well, the unit is new from a few months ago

one of the biggest problems is not being able to return to the original bios because It does not have support for m.2 and you would lose access to the system :(
 
Chipe said:
At first it was what I thought, changing the paste, I already did it with Thermal Grizzly Kryonaut but it continued the same,

the fan works well, the unit is new from a few months ago

one of the biggest problems is not being able to return to the original bios because It does not have support for m.2 and you would lose access to the system :(
Click to expand...
Well im still thinking that is something wrong with your cooler but if you say its ok maybe it is , i linked you in the other post a modded bios with NVME support for your MB.
 
The fact that you needed to mod your BIOS to make an M.2 drive work should be a hint to you that it's time to upgrade your system. Only an idiot flashes a BIOS modded by a random person on the Internet.

izy said:
Here you go , i found a modded bios for your MB on TPU:

www.techpowerup.com

2022-X58/1366 PIN Motherboards NVME M.2 SSD BIOS MOD Collection

Yeah i have read it all the above so the information Asus p6t deluxe v2 -hardware ids PCI\VEN_2646&DEV_5013&SUBSYS_50132646&REV_01 PCI\VEN_2646&DEV_5013&SUBSYS_50132646 PCI\VEN_2646&DEV_5013&CC_010802 PCI\VEN_2646&DEV_5013&CC_0108 Thank you very very much
www.techpowerup.com www.techpowerup.com
Click to expand...
Read that topic FFS. The specific ID of the NVMe drive needs to be modded into the BIOS, so that likely isn't going to work for OP. It's also being done by the same user mentioned by OP, who has stopped doing this.

Chipe said:
one of the biggest problems is not being able to return to the original bios because It does not have support for m.2 and you would lose access to the system :(
Click to expand...
Tough shit. You should've thought about that before you did stupid shit like this.
 
Last edited:
Assimilator said:
The fact that you needed to mod your BIOS to make an M.2 drive work should be a hint to you that it's time to upgrade your system. Only an idiot flashes a BIOS modded by a random person on the Internet.


Read that topic FFS. The specific ID of the NVMe drive needs to be modded into the BIOS, so that likely isn't going to work for OP. It's also being done by the same user mentioned by OP, who has stopped doing this.


Tough shit. You should've thought about that before you did stupid shit like this.
Click to expand...
Yeah my bad, its not that hard to mod it yourself anyway, there are some guides on winraid but if you are a inexperienced with this stuff then better leave it alone , very high chance to brick the MB.

izy said:
Well im still thinking that is something wrong with your cooler but if you say its ok maybe it is , i linked you in the other post a modded bios with NVME support for your MB.
Click to expand...
Maybe you can dump your current bios and try the original one and see if it fixes the problem , if its a bios problem you dont need the modded one anyway but if you can dump your bios and it wasnt the bios fault you can flash it back.

You can also get a normal SATA drive for the OS and use the NVME for games or what else you like , as far as i know you dont need a modded bios to use it as a non boot drive.
 
Last edited:
Play Nice people!
 
Chipe said:
I think it could be a virus in the BIOS mining, causing the processor to accelerate and overheat. A virus that cannot be detected or removed because it's in the BIOS and activates from time to time, pushing it to the limit for intense mining.
Click to expand...
Any actual proof of this? if fire up task manager to see what's eating all the processing power does it display anything? sort by CPU usage, mining stuff is usually heavy on RAM as well so if you see any process, perhaps disguised as svchost.exe (classic move) that's using up 100% of the CPU and a high amount of memory (I'd say over 1GB is super sus for a service process).

Another one. When you notice high CPU usage go ahead and unplug the ethernet cable, if it goes down again then it's definitely some sort of malware connecting to the internet, though CPU mining is rare... it gives you less than a penny a DAY with a good chip nowadays (hello, it's not 2012 anymore) so it's odd someone would go this route.

Rootkits run code that downloads malware to your hard drive, as the ROM size is small it can't run from there it has to call home to do its thing. They either infect the MBR by making use of the elevated access or operate at OS level to download more files, either way the working principles are almost the same. If the MBR is infected you'll have to wipe and rewrite, all of it, all drives, if not just reflash the BIOS with a 'normal' image file.

I'm more inclined to the AIO being crap, because you know, they tend to behave in funny ways, a clogged block might cause seemingly random temp spikes, if there's fungal growth or something on the loop it might go round with the pump until it clogs the impeller or gets stuck in the block, who knows... I've opened my fair amount of units and the coolant gets nasty after a few years of use, months if we're talking noname stuff, but it's usually the pump electronics that start failing before the coolant goes bad.

Some oldtimers might say "But Caroline, reflashing the BIOS won't fix it as sometimes the rootkits infect memory bits that aren't overwritten during reflashing!" and... you're right, that case you'll have to physically clear or replace the chip, but honestly what are the odds? why go to these lengths to infect a single, random computer? to try and mine dead cryptocurrencies? siphon out data of some anon on a forum? makes no sense at least to me, of course it could be an scriptkiddie with access to decent code and too much free time, but still...

As I said, I bet the cooler is the culprit here, try with the stock cooler if you still have it.
 
Assimilator said:
Only an idiot flashes a BIOS modded by a random person on the Internet.
Click to expand...
As a former bios modder, this is true lads. Only trust bioses modded by frogs.

caroline! said:
dead cryptocurrencies
Click to expand...
I wish they were dead. They aren't, but cpu mining pretty much is. That's good enough to rule this out.
 
R-T-B said:
As a former bios modder, this is true lads. Only trust bioses modded by frogs.
Click to expand...
I always forget to add "or frog".
 
Honestly there is a time to face the music. You have a 15 year old machine. With a 15 year old processor. You don't need NVMe on that. You need a whole new computer but in the meantime, original BIOS + A SATA drive.

Honestly tin foil about a bios level rootkit dropper would maybe be funny or worth it if OP ran a state of the art Sapphire Rapids workstation... It's a old as dirt 45 nm Bloomy (not even extreme edition) on an old as dirt motherboard with slow as snails that play in said dirt RAM, so honestly I don't think so. Most phones are faster than OP's desktop today, CPU mining on that is simply not viable.
 
You must log in or register to reply here.
Back
Top