Hi. some time ago I've reflashed my bios (with rom3.bin). Some time after it I dumped it and found it differs a little (rom.bin). There is something which looks like PE in the beginning of the file (instead of empty space)! After some time I have dumped it again. It have changed again! (rom2.bin) The diff between rom.bin and rom2.bin looks like a hardware configuration, but I have dumped CMOS through /dev/nvram before flashing, reflashed bios again, restored CMOS, and dumped again (rom3.bin). Matched with original from vendor site! If the diff had been a configuration, it wouldn't have matched. Could this be a (government) malware? The files are in www sendspace com filegroup y95Wactzzz79s6kdXw17kdNmov%2BEvSlK (add the punctuation, I am not allowed to post links)
bios content differs as soon as you change any settings, the config is stored into nvram. no malware for sure. not a lot of difference.