Vbox exe nuked by Heur.virus.win32.chir.gen

[giveasiget]

Apologize for not having time to search past posts on this as I am dealing with the first virus attack that had any effect on my machine.

I think sometimes referred to now as a "ransom" virus, this bad boy nuked one or more files on vbox 5.44.

Won't load no indications the exe has started or loading..

Upshot? I have several vdi file that I have put a lot of work into.

I am running win 8.1 dual boot win7 and 8.1. The vbox I was using was on the 8.1 partition although I also had
a previous vbox running on win7 no longer working but I think the files are stlll there-I don't care about that install

I want to reinstall vbox on the WIN7 partition and USE the hopefully undamaed vdi files residing on the 8.1
partition. I don't know maybe they were damaged, but since the virus generally attacks executables I am wondering If i can install same version vbox on the win7 partition and still load the vdi files currently residing on win8.1 partition. This is a 32 bit machine and slow 2gb ram.

If I cannot do that what are my options to be hopefully able to use the vdi files as before, or must I start ALL OVER.

Any helpful replies are highly appreciated. Thanks.

[BillG]

Just like a physical PC, the only way to recover from a disaster is to fall back to a backup version. In both cases, if you do not have a backup you are pretty much out of business.

If you are feeling lucky, go ahead and try the "undamaged" .vdi files, but I would not be too optimistic!

[giveasiget]

Just like a physical PC, the only way to recover from a disaster is to fall back to a backup version. In both cases, if you do not have a backup you are pretty much out of business.

If you are feeling lucky, go ahead and try the "undamaged" .vdi files, but I would not be too optimistic!

I asked for "helpful" replies and this what I get? Are you being sarcastic or what?
Good thing you're a volunteer.

[scottgus1]

There is nothing sarcastic in Bill's response. Your response to Bill is disturbing.

Real-world experience with ransomware is either pay the bad guys, or nuke from orbit and start over from a backup.

You can try the VM's though. You may need to uninstall and reinstall Virtualbox on 7. Re-download the version you had from https://download.virtualbox.org/virtualbox/

Try the whole VM folder, not just the .vdi file. Copy it if possible to the 7 partition, then use the Windows 7's Virtualbox window, Machine menu, Add command, browse to and open the VM's .vbox file. If the .vbox file hasn't been corrupted, the VM should load into the VM list. Hopefully the disk file is still good, too.

However, there is no guarantee that anything within the disk file wasn't corrupted even if the VM does start. All the VM's files are in plain view to apps or viruses on the host OS.

You were happy with Bill being a volunteer? The Moderators with the lock and ban buttons are watching now. And we are not watching Bill.

[mpack]

Bill made a plain statement of fact, then a valid suggestion. I see no sign of anything in the least offensive. Please be polite or be gone.