[PLUG-TALK] Quickbooks - online, virtual, emulator ...
Aaron Burt
aaron at bavariati.org
Wed Jan 23 22:45:20 UTC 2019
Details below, but please shut down and back up that VM ASAP!
On 2019-01-23 13:27, Keith Lofstrom wrote:
> My wife has been using Quickbooks for her medical business
> for more than a decade, because her accountant does. We
> run it inside a 64 bit Windows 7 guest in a VirtualBox
> host on a 5 year old Centos-clone Linux box.
Good setup. Relatively secure and clean. Not too painful to use if it
launches in a full-screen window and doesn't involve a lot of
poking-around.
> I haven't paid much attention to the Win7 guest, but it
> has sprung a leak; something (presumably malware) is
> eating about 100 megabytes of virtual disk per hour, and
...STOP RIGHT THERE. Only reason that VM should be running now is to
check for signs of malware and data exfiltration! Oh and maybe to run a
QuickBooks backup/export and copy that backup off ASAP.
Best disable the VM's networking in any case.
My first guess is that this is a ransomware attack, and it's using that
disk space while encrypting your data. Probably better make a backup
copy of the VM disk image ASAP. Even if it completes the encrypt/delete
process, a backup VM disk image can be mounted on another Win7 VM.
> Imagined alternatives:
> - Upgrade treadmill for Windoze and Quickbooks.
> - Container app for Quickbooks (not Wine compatible)
> - 99.9% data compatible Linux accounting software.
> - Quickbooks online from Intuit
Those all sound like they'd involve a lot of downtime for a
business-critical system. In the interim, can you just build another
Win7 image, reinstall QB on it and import the QB backup from the
existing image?
I'm not sure how the QB Online data import works, but even if it's dead
simple, it'll take time for folks to get used to it.
Warm regards,
Aaron
More information about the PLUG-talk
mailing list