The  UEFI malarkey and Secure boot, Legacy mode (CSM) etc.         
  See related topic the MYTH of BIOS infections

BIOS is now called UEFI or on top brand gaming motherboard, has a nice CSM mode, it is dual EFI and BIOS all in one, best of both words better)
Some makers call it DUAL BIOS. (cute no?) (The wise makers of PC give you a choice, ASUS is the best in this regard)
Personally I avoid  UEFI safeboot mode, and in fact use legacy mode every chance  I get, on older PCs the BIOS(UEFI) is bug ridden mess, some have 15 BIOS updates and is still full of bugs.

You are here because you can not boot to CD /DVD/BR  optical disks or to USB memory sticks or to external HDD (SSD).
UEFI is not the same as old loved BIOS:
Welcome to UEFI BIOS, (my desktop runs CSM BIOS that is both BIOS and UEFI dual mode (ASUS) .  "Compatiblity Support Module" Or simply of all LEGACY mode.
To boot to USB (or DVD) you must turn off Secure boot and turn on Legacy Support. This first example is a HP PC.(modern )
When you do that on a HP PC, the UEFI sends you  a live secret 4 digit code say, 1234,(this blocks virus attacks, this trick) You then reboot the PC.
The PC tells you next,  omg UEFI security is breached, and asks for the 4 digit secret code, and then you type it, 1234 and does not echo to the screen do not panic, just type it blindly and hit enter.
If you go back into this page in UEFI, you see the below the locked in setting done by me.
I like to put the USB/KEY as 1st boot order. (next) There are special key presses to do that. (seen on the right column) F10 saved all settings and...

YOU can now boot and hammer the F9 key (this is HP boot on the fly key) and then pick USB key or DVD. as the case may be. and even load LINUX.
I will show 2 UEFI screens, one is OEM style, (HP) and the other a top gaming mobo (motherboard by Asus Z270-p)
Old PCs are easy , power on, hammer the F9 key to  boot to USB and then hammer (tap,tap,tap...) the space bar to satify the El Torito spec rules, if booting external media of any kind. (see hybrid here)
On a newer PC's not so easy this is. (yoda said) but yes it is, flip 2 bits bam legacy.
See how to move order of USB to the top, using prompted keys in the right window.


This PC has CSM BIOS, (does it all !) I turn on CSM first, then advanced then legacy all.  Bam it boots to anything I want. This is my Z270p motherboard in action.


Doing this you can now boot to USB and...
  • CD
  • DVD
  • BD (blue ray)
  • Even SD memory cards can boot, like my HP does.
  • Or PXE Network boots from its server.
  • HDD
  • SSD
  • On some PCs M.2 card boots, the above PC does.


Side issues on UEFI:
Also turn off fast boot if you want to use linux as dual boot or use linux to back up the windows files latter (like windows is dead?). (or you will be sorry) W10 it's called Fast Startup.
If you forget to do that running Linux , at the least Linux sees C: as missing or illegally formatted, saving your bacon. (tricky no?)
UEFI can be just wrapper around your normal BIOS code.  (a shell  of protection from virus infections)
UEFI allows booting any HDD over 3TB and GPT formatted drive. (most BIOS can not do that, and expections exists for BIOS +GPT, etc...)
MBR disks can not cross, over, 2.2TB (approx) size. ever. So GPT is the only path and BIOS that supports it , is called UEFI. 
There are execeptions to this rule, special HDD(that shrinks with a jumper) or new SATA PCI-e card with its OWN BIOS EXTENSION. ( yah the beauty is that word extensions, that IBM invented) but MBR format  is limited no matter what you do.
See this trick on big server. HP Generation 8 server.
MBR = 32^2 (
4,294,967,295) Times 512byte sectors, so is limited to 2.2TB (do the math or wiki MBR) 32 to the 2nd power.
Most of us now boot from small, SSD (only speed matters to me), and we don't have $3000 for 3TB SSD, nor wish to. (in fact I am booted from M.2 screaming fast SSD)
Also you need 64bit OS, to run huge  HDD, and for sure USB external HDD this large.(and chips inside that work, some don't)
My Z270p mother board can not boot to any GPT drive in CSM mode,but can use them all day long, in windows, 64bit. (just can't boot from GPT in CSM mode but sure can in  UEFI )


The myth of BIOS infections.
First off I  call MYTH BUSTED,  if you did not prove this true then it is a lie. (told lies based of rumors, or hear say or blind fear is not wise)
The First PCs had a Jumper labeled "BIOS update disabled"  some NIMROD engineer removed this jump ,one of the most stupid acts ever done on any PC ever ! IMO
Some makers of PC then added a BOOT BLOCK  LOCK to protect this, sadly many OEM did not add the feature.
The most dangerous section of BIOS is the BOOT block, if a Virus infects this section this section is the first part the executes, during  a cold boot, your CPU does hard just to the boot block first address.
There are 3 basic programs that burn the BIOS seen here.(generic) (and 20 here)
See here for vast overclockers bricking there PC, nothing on earth more clearly shows the folly of these acts.
A Google site: above, search there shows 2900 Bricked PC, (means dead after hacking BIOS) (Google Bricked BIOS hits 250,000)
A virus would need to use the binary codes in the above, 23 (that I know) burn programs and some how match 23 of those to your motherboard, and infect the BIOS. (sure possible but not easy) why is below:

The reason this is a lie is because the FUD purveyors failed to prove it first.
The below is what the BIOS virus must do to infect BIOS. (no small feat , really GOD LIKE if you ask me)
I think, all this paranoia was from 1 guy in Asia, that wrote 1 virus (on a dare) that infected just 1 PC made in 1998, Just  one PC that does not EXIST TODAY anywhere,  but in a land fill. (  the day paranoia started?)
  1. Infect the HDD first , this in fact must happen first so the HDD virus has a  way to run more code that infects BIOS (FIRMWARE)
  2. Must next I'd what OS  you are running, for sure the virus magnet windows (w10 is pretty safe with Windows-Defender running and updated) easy,
  3. Then this magical virus (lets call it MV) then scans the PC to learn what Southbridge (mine is Z270 See  red X)t here were 100s made for 20 + years.  PCI scans do that, like LSPCI. does,(or HWinfo32.exe)
  4. Next up the MV then must ID the  vast number of EEPROM chips connected and its size too and more..., via the South bridge. This  bridge is connected to the EEPROM is your BIOS FIRMWARE,
  5. Once identified (ID), it MV  must also know what PC you have, and what BIOS is there, some are sectioned in 4 blocks,  BIOS1(main), BIOS2(backup) BIOS loader and BIOS update block.(and more now, and UEFI)
  6. The MV must know what is there before hand there is no way to have this MV app just know this like magic.  I bet no MV can reach this far on vast 10000's of models of PC.
  7. It then must erase the EEPROM first then write new code to BIOS1 and then set a CRC code stored, in the secret spot that no maker of PC tells you. Most PCs HALT here if CRC shows any corruption.
  8. Some savvy PC makers put water marks in there BIOS, so if you try to load any binary lacking that secret mark, the flash.exe fails dead, at get go. (so that means MV must have its own burner.exe)
  9. Not only this but the MV would have to have  stolen the (flashwriter.exe)code for ever PC made then hack that,...,  endless versions and features and  modes to make it work.
This is what it need to do , all 8 steps, to infect any BIOS firmware. (possible yes, probable ,no, myth busted) No person has ever done the proof as per below.
The only way I see this happening is the HDD virus, runs all 23 burning App.s and attemps to burn the boot block 23 times, and with more infected code (all bad)
Just One PC is easy to hack BIOS (can be) but all 50,000 models world wide,I  all call But is moot point now, with TPM+UEFI (They  plugged the hole at huge expense)

BIOS VIRUS PHANTOMS?  How to prove  one exits  is below:
Other than running 23+ boot block burning apps blindly, the below is how smart infection code would work.
There is no way to test this theory due to 1000's of motherboards with unique BIOS onboard, vastly more I'm sure.(23year span now 2018, that  1995 is the first EEPROMS and in wonderful sockets)
Before 1995 we had EPROM that must be UV light source erased, but one could program it with all 0 and kill dead all the 1's in the chip, but most EPROM need highvoltage to burn 12vdc or more, that no motherboard could do, nor wanted to then.
This means the first infectable PCs are 1995 and newer until UEFI lock down day.2014
The best way to lock down EEPROM is with a hardware jumper, the BIOS BOOT block lockout, and the EZ-flash section locked out too. (that we you can always recover other Flash sections that were damage.)
May PCs now have 2 BIOSs on board, master and backup. (the backup is locked down) Better PCs those are.
 

IF PARANOIA STRIKES DEEP?:  (into your heart it will creep, and....) This is what to do, and also proves it was not BIOS infected. (as most myth FUD masters fail to do)
  1. PULL THE AC POWER CORD FROM THE WALL AC JACK 
  2. PULL ALL 2 or 3 BATTERIES OUT OF PC, FOR SURE RTC COIN CELL LAST. The RTC coin cell must be 2.9v or more, if not get RID OF IT NOW, get a new battery for sure. It is out now.
  3. Next ALL POWER SOURCES are now DEAD ,  than means the AC pack and every possible battery removed and parked on the bench, away from said PC.
  4. REMOVE THE HDD now. (gee it's infected for sure, a GIVEN)  (we will never put it back in there until it is at least DBAN'd cleaned and erased)
  5. PUSH POWER BUTTON FOR 5 SECONDS, THIS DISCHARGES ALL CAPACITORS inside the PC. (this also erases the NVRAM at this step , yes paraniod effort but can be corrupted easy.)
  6. NOW PUT BACK ALL POWER SOURCES, AC batteries and AP power pack (PSU, etc) (if you even suspect a bad big battery (laptops only) do not put it in ever again, for sure now.
  7. Power on  the PC and  see BIOS page 1, (or?) click ResetBIOS back to factory defaults  then click SAVE) and reboot cold. (if BIOS is dead, now, the Mobo dead or has problems stated here.
  8. Next see all BIOS pages, if all seem normal and no CRC errors or other errors, (ignore no boot errors the HDD is missing now) GOOD now... NO "This PC is owned by Alfred E. Neuman"
  9. I boot to Linux demo disk here (try me) and test the PC fully that way, I bet it runs like gang busters good.
  10. Them BUY A NEW HDD/SSD OR PUT THE INFECTED DRIVE IN TO A HDD ENCLOSURE (USB) chassis AND DO THE ERASURE steps SEEN hear.
  11. Last of all put the clean HDD Back into the was previous suspected PC, and load fresh Windows 10. (using MS install media)


Related to above myth, The person that flashed and bricked their PC now cries  BIOS VIRUS how silly can they be?, here is how. (the truth is THEY ARE THE VIRUS)
I have seen many folks use the wrong binary (zillions do) then wonder why things are dead, then I tell them gee your PC has 10 or more motherboard options day 1 new (even by country), guess what you guessed WRONG.
Some top brands of Laptops have 1 mother board fulled if intel chips and the other one full of AMD chips  but the PC has the SAME NAME and model names, OMG how, easy sub codes see here (#ABA ,codes !!!)
See the 10 silly things people do to BIOS and FAIL.
 
After said persons did that and the screen is now dead (BIOS dead and now with wrong GPU code locked in to your BIOS) the PC  is now bricked, unless our OEM PC maker can save your  bacon, sure do ask them.
Next time do not flash BIOS until you learn how. FOR SURE
Please stop flashing BIOS for fun, kicks or paranoia, or overlocking hacks. (and end the pain)
Most bricking of BIOS was self inflected. (done wrong or overclocking it and burning up chips, learn that overclocking causes cmos transistors to overheat, why do that? )

If you bricked your PC or for sure Bricked your BIOS , go to your  OEM.com pages, and ask for a BIOS total update ( Make real sure the web site  and your country match or you can get the wrong BIOS)


HDD cures: Dead PC.
Erase it first using these free tools DBAN or Killdisk.

Using authentic MS.com downloaded W10 ISO , install the OS. (fresh and virgin form microsoft.com) OK
I bet you it is not infected now.
Next steel yourself,  repeat after me, your BIOS is OK , your BIOS is ok 3 times
If the PC still fails, see this page on the STRIP DOWN.


A UEFI/BIOS video, that is pretty accurate:(hit stop at 4;00 minute mark)

version 2.  8-8-2018