• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Hardware Secrets

Hardware Secrets

Uncomplicating the complicated

  • Case
  • Cooling
  • Memory
  • Mobile
    • Laptops
    • Smartphones
    • Tablets
  • Motherboard
  • Networking
  • Other
    • Audio
    • Cameras
    • Consumer Electronics
    • Desktops
    • Museum
    • Software
    • Tradeshows & Events
  • Peripherals
    • Headset
    • Keyboard
    • Mouse
    • Printers
  • Power
  • Storage
Home » Recovering Dead Motherboards Killed by the CIH Virus

Recovering Dead Motherboards Killed by the CIH Virus

[nextpage title=”Introduction”]

CIH virus, also known as Chernobyl or Spacefiller, is one of the fiercest computer viruses that have been created so far. When PC is infected by this virus, it just erases ROM (BIOS) memory contents in its activation date (April 26th), if this memory is of the Flash ROM type (which is true to all PCs nowadays).

As the BIOS is erased by virus, your PC won’t boot up any more, and probably your motherboard will be diagnosed as “dead”. A lot of PC technicians that don’t know that this virus exist, simply replace the motherboard from the attacked PC. But there is solution: just reprogram the BIOS chip and your motherboard will be alive again.

So, if you are a PC technician, don’t throw away dead motherboards before trying the procedure described in this tutorial. Maybe the motherboard is not really defective, but has just its BIOS erased.

The BIOS can be reprogrammed using a modern EPROM programmer – most technicians don’t have this tool – or using a working motherboard as a BIOS programmer. We will teach you how this can be done.

First, you will need both the BIOS upgrade software and the BIOS contents file. These two pieces can be downloaded at the motherboard manufacturer website. In our tutorial about BIOS upgrade we explain more about these two files. If you are unfamiliar with the BIOS upgrade process, please read this other tutorial first. Write this two files in a bootable floppy (formatted with Format a: /s).

Next you will need a motherboard identical from the one “killed” by the virus. Actually, the motherboard doesn’t need to be exactly the same, but has to be compatible with the BIOS chip from your defective motherboard. Since we can’t tell you beforehand if the motherboard you will use to reprogram the BIOS is or is not compatible with the BIOS chips from the “killed” motherboard, we suggest you to use an identical motherboard.

The procedure to reprogram the erased BIOS chip is the following:

  1. Turn on the good motherboard and boot it with the floppy (of course you will need to install CPU, memory, VGA etc to this motherboard for it to work).
  2. At the DOS prompt, remove the good chip and replace it with the erased chip (more on this below). Yes, with the computer turned on.
  3. Run the programming software and reprogram the bad chip.
  4. Turn off the computer, remove the reprogrammed chip and install back the original (good) chip.
  5. Install the reprogrammed chip on the “killed” motherboard and test it.
  6. The defective motherboard should be working now.
  7. Use data recovery and antivirus software on the hard disk from the attacked PC, since it will be infected.

As you can see, the step number 2 is extremely delicate. If you feel uncertain of doing it, we recommend you don’t try it. Better take your machine to technical support than blow it up by clumsiness.

Now let’s see how the BIOS chip can be removed/replaced.

[nextpage title=”Removing the BIOS Chip”]

To remove the chip, you can use a small screwdriver, if the BIOS chip from your motherboard is DIP (Dual In-Line Package, see Figure 1). If it is PLCC (Plastic Leadless Chip Carrier, see Figure 2) you will need a special extraction tool.

DIP BIOS chip

Figure 1: DIP chip packing. You can remove this kind of chip using a small screwdriver.

PLCC BIOS chip

Figure 2: PLCC chip packing. For this kind you will need a special chip extraction tool.

PLCC Extraction Tool 

Figure 3: PLCC Extraction Tool, used to remove PLCC BIOS chips.

Watch out for not touching any metallic part from motherboard with the screwdriver or extraction tool, mainly any of the ROM terminals. If that happens, you can blow out motherboard.

To remove the DIP chip, just push one side of the chip and then the other side, as we shown on the following figures.

BIOS removal

Figure 4: Push one of the chip sides a little bit.

BIOS removal

Figure 5: Push the other side a little bit.

BIOS removal

Figure 6: Pull it.

BIOS removal

Figure 7: And presto!

When installing the chip back, pay attention to not insert it back in the wrong position. Let’s talk about it now.

[nextpage title=”Inserting the BIOS Back”]

Be careful to not place the chip in wrong position, or you will probably literally burn out the BIOS chip. Both the chip and its socket have a marking called “pin 1”. You have to march the pin 1 marking on the chip with the pin 1 marking on the socket.

Pin 1

Figure 8: Pin 1 notches on DIP chip and socket.

Pin 1

Figure 9: Pin 1 notches on PLCC chip and socket.

PLCC chips are easing to be installed back, because one of its side (the pin 1 side) isn’t squared but triangle-shaped. Thus, it is impossible to insert them in the wrong position.

[nextpage title=”Data Recovery”]

After reviving your motherboard, you will probably need to recover your hard disk. We say that because if the virus was triggered to the point of erasing the BIOS chip, it probably erased your hard disk partition and FAT tables as well.

To recover your hard disk, you will need to use a data recovery software. From all softwares we tested, the best one is the Fix-cih, which is free and can be downloaded at https://www.grc.com/files/fix-cih.exe. This software is small and really efficient. You will need to create a bootable floppy and copy this program to it, and then boot the infected computer from this floppy. Format this floppy from a computer without virus (of course) and using at least Windows 98 (if you format it using DOS or Windows 95, it won’t recognize FAT32 partitions and you probably won’t be able to recover your hard disk). Run the software and wait. It can take a couple of hours recovering your data, specially with you have a large hard disk.

After recovering the hard disk, you will need to run an antivirus software to remove the virus, that will still be stored on your hard disk. We recommend you to download and run cleancih, which can be downloaded from https://www.pspl.com/download/cleancih.exe. This is a 20 KB DOS software, so you can copy it to your bootable floppy and run it after booting from a floppy. Don’t try to boot your from your hard disk, because it is infected and you won’t be able to remove the virus.

To boot your PC from a floppy disk, you need to enter setup (pressing Del key during the memory count that occurs when you turn your PC on) and change the Boot Order (or Boot Sequence) option to “Floppy”, “A:, C:” or similar.

After performing all steps we described, your motherboard will be alive again and your hard disk will be recovered.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

As a participant in the Amazon Services LLC Associates Program, this site may earn from qualifying purchases. We may also earn commissions on purchases from other retail websites.

car service

Why Is Fleet Maintenance Important?

If you have a fleet of vehicles you use within your business, it’s crucial you keep up with their

Playing Fifa on Play station 4

Tips for Recycling Your Gaming Consoles and Devices

These days, it seems like almost everybody is gaming. As great as this is, it’s also creating a

Business planning

How to Develop Your Venture Capital Business

Venture Capital (VC) is a type of private equity investment in which investors provide funding to

Footer

For Performance

  • PCI Express 3.0 vs. 2.0: Is There a Gaming Performance Gain?
  • Does dual-channel memory make difference on integrated video performance?
  • Overclocking Pros and Cons
  • All Core i7 Models
  • Understanding RAM Timings

Everything you need to know

  • Everything You Need to Know About the Dual-, Triple-, and Quad-Channel Memory Architectures
  • What You Should Know About the SPDIF Connection (2022 Guide)
  • Everything You Need to Know About the Intel Virtualization Technology
  • Everything You Need to Know About the CPU Power Management

Copyright © 2023 · All rights reserved - Hardwaresecrets.com
About Us · Privacy Policy · Contact