# Need to upgrade work to Win7 - Help



## Davenlr (Sep 16, 2006)

While I use Win7 at home, our work computer (just one on a peer to peer network to share internet) has been running on XP. A recent virus attack, due in part I am sure, to Microsofts lack of updates for it, has prompted the boss to ask me to look into upgrading the computer to Windows 7.

My problem is, I am not familiar with the software currently being run on it. Here is a list:

Peachtree Accounting
Office 2007
Microsoft Office Excel (unknown version)

Peachtree is the big one. It has an Import/Export option as well as a Backup/Restore option. I cannot find in the manual which one to use, or both to save the current data files. The program is from 2002, and has been upgraded each year with current tax info and payroll stuff. Do I need to install the original 2002 disc, and the last upgrade, or all the upgrades in succession (dont know if I can find them all). I would just call Peachtree and ask, except they charge $$$ for questions. They have a new current version out, but it would run close to $600 to upgrade plus the $200 for Win7 is just more than our little 3 employee company can handle.

I have considered just building a new computer (current one is an HP Intel P4, 2GB memory, 200GB 7200RPM drive) with preinstalled win7, and experiment with adding our software while we keep the current computer running. This of course, would add $400 to the bill, assuming the Win7 is included free.

Anyone have any suggestions on how to proceed?


----------



## Drucifer (Feb 12, 2009)

If _Preachtree Accounting_ doesn't have a Win7 version, you'll need to get _WIN7Pro_ because it has an _XP_ emulator in it.

Check out this Peachtree forum

http://forums.peachtreeusers.com/showthread.php?t=20176


----------



## Davenlr (Sep 16, 2006)

Thanks, Ill do some reading in that forum. I havent found any 32 bit windows programs that would not run on Win7 32bit yet, so I dont really understand why it wouldnt run, unless it has 16 bit apps.


----------



## dpeters11 (May 30, 2007)

The issues wouldn't be due to lack of updates necessarily, Microsoft will be releasing security updates until August 2014. Of course t could have been a 0-day, a java vulnerability, Adobe etc.


----------



## houskamp (Sep 14, 2006)

just do one machine and check if everything works.. most of the xp>win7 fails I have seen are due to the common personal folders..


----------



## Davenlr (Sep 16, 2006)

dpeters11 said:


> The issues wouldn't be due to lack of updates necessarily, Microsoft will be releasing security updates until August 2014. Of course t could have been a 0-day, a java vulnerability, Adobe etc.


Yea, she was looking at pictures of dogs on some unknown website. Whatever happened, it DISABLED Microsofts Security Essentials, and from them on, every thing she tried to run popped up a box saying "XP Security 2011 has found a virus in this app, click here to purchase the full version for $99 with your credit card" which she did not do.

I had to restart the computer in safe mode, ran security essentials, did a full scan. Found two JAVA severe threats and removed them. When I rebooted the computer, every .exe program it tried to run on startup popped up a box asking me what application I wished to use to open xxxxx.exe.

I then did a system restore to 3AM this morning, and reran security essentials and it found nothing. Noticed it was two days out of date, and did an update, rescanned again, and it again found the same two JAVA apps.

I think I have it free of trojans now, but how could a program DISABLE the virus scanner? That is something I have never heard of happening.


----------



## Davenlr (Sep 16, 2006)

houskamp said:


> just do one machine and check if everything works.. most of the xp>win7 fails I have seen are due to the common personal folders..


We only have one machine. Will try with a backup computer to see if it works I guess, or maybe just try to install Peachtree on my Win7 64bit laptop and see if it runs first.

She doesnt want to change to any other accounting program, because she "knows how to use" Peachtree. I think the annual upgrade prices to keep it working are highway robbery myself.


----------



## jerry downing (Mar 7, 2004)

Malware is capable of disabling anti-virus software as my son found out the hard way. I had to run Norton Power Eraser to restore his computer. If you install Win7, you should install it in 32 bit. A lot of old software will not run under 64 bit OS.


----------



## RasputinAXP (Jan 23, 2008)

Drucifer said:


> If _Preachtree Accounting_ doesn't have a Win7 version, you'll need to get _WIN7Pro_ because it has an _XP_ emulator in it.
> 
> Check out this Peachtree forum
> 
> http://forums.peachtreeusers.com/showthread.php?t=20176


Question is what version of Peachtree he's running. I have clients running current versions of Peachtree, networked, on Win7.


----------



## Davenlr (Sep 16, 2006)

Yea, I would definitely use the 32 bit version. Nothing she runs would even benefit from 64 bit version. Doubt I will even get one of the high dollar business editions, probably just install home premium, since its just that one computer. I just am not at all familiar with setting up Peachtree. Its hard to set up something you never used before, especially when its for your boss


----------



## Davenlr (Sep 16, 2006)

RasputinAXP said:


> Question is what version of Peachtree he's running. I have clients running current versions of Peachtree, networked, on Win7.


Peachtree is the full edition from 2002, updated annually with the update CD's. She did not buy the networked version. This one is just running on its own PC.


----------



## Grentz (Jan 10, 2007)

Davenlr said:


> Yea, she was looking at pictures of dogs on some unknown website. Whatever happened, it DISABLED Microsofts Security Essentials, and from them on, every thing she tried to run popped up a box saying "XP Security 2011 has found a virus in this app, click here to purchase the full version for $99 with your credit card" which she did not do.
> 
> I had to restart the computer in safe mode, ran security essentials, did a full scan. Found two JAVA severe threats and removed them. When I rebooted the computer, every .exe program it tried to run on startup popped up a box asking me what application I wished to use to open xxxxx.exe.
> 
> ...


 Very common actually. and the every .exe program issue is common too.

Malware/spyware/virus gets in usually by the user accepting some kind of message by mistake (they disguise them well sometimes). The program then hijacks the antivirus software on the machine to disable it. The .exe issue is actually from editing the shell extension commands within the registry. It is easy to fix in regedit...the problem is regedit is a .exe program too. There are some ways around this but it is on a case by case instance.

The idea is that every time you try and open any type of program, the virus/malware/etc. gets executed (it adds a launcher line into the .exe extension). Once you clean out the virus/malware, this launcher line is still there but the program it is pointing too no longer exists, hence the error.

System restore sometimes works, but is overall iffy. In the future you should try running something like Malwarebytes or SuperAntiSpyware for an issue like this.


----------



## Grentz (Jan 10, 2007)

Davenlr said:


> Peachtree is the full edition from 2002, updated annually with the update CD's. She did not buy the networked version. This one is just running on its own PC.


Easiest thing? Call Sage (peachtree). Have the license details in hand and they will help you out. They have good support.


----------



## Marlin Guy (Apr 8, 2009)

Davenlr said:


> Yea, she was looking at pictures of dogs on some unknown website. Whatever happened, it DISABLED Microsofts Security Essentials, and from them on, every thing she tried to run popped up a box saying "XP Security 2011 has found a virus in this app, click here to purchase the full version for $99 with your credit card" which she did not do.
> 
> I had to restart the computer in safe mode, ran security essentials, did a full scan. Found two JAVA severe threats and removed them. When I rebooted the computer, every .exe program it tried to run on startup popped up a box asking me what application I wished to use to open xxxxx.exe.
> 
> ...


You're not gaining much ground on these kinds of attacks with Windows 7. I see them every day on Vista and 7 machines.

Usually the system restore and a full scan with Malwarebytes will do the trick. Sometimes they get nasty and you have to employ Combofix and Kaspersky's Anti-rootkit tool.

If you are the go-to guy at work, then arm yourself in advance.

1. Get a manually write-lockable USB flash drive to guard against rootkit infections. Some will exploit the auto-runs feature and propagate from the PC to your flash drive when it's plugged into an infected machine.

2. Load the drive with 
Malwarebytes
Combofix
Kaspersky's TDSSKiller
and the following command in a text file - netsh reset winsock catalog, which you will run from a command prompt in order to remove malicious LSP's installed by viruses and malware and reset them to original configurations.

If you are going to upgrade the existing hardware, run the Windows 7 Upgrade Advisor to insure compatibility. Also be advised that Windows 7 on an older machine with less than 2 GB of RAM is going to be horribly slow. 4GB is preferred.


----------



## Grentz (Jan 10, 2007)

and if you have people that are having the issue all the time, I would suggest to them to buy Malwarebytes pro. Then you get the realtime protection and it does help.

The issue is most of these infections are allowed by the user, they are just good at disguising the accept notices.


----------



## Davenlr (Sep 16, 2006)

Marlin Guy said:


> 2. Load the drive with
> Malwarebytes
> Combofix
> Kaspersky's TDSSKiller
> and the following command in a text file - netsh reset winsock catalog, which you will run from a command prompt in order to remove malicious LSP's installed by viruses and malware and reset them to original configurations.


Got that. Is netsh a program I need to put on the flash drive, or part of one of the previously mentioned programs?

Edit at add: Would I need the flash drive, or could I burn those programs on a CD or DVD instead?


----------



## Marlin Guy (Apr 8, 2009)

netsh is a windows command. It's already on the machines.
I prefer a thumb drive for durability and portability, but yeah, a CD would work.


----------



## dpeters11 (May 30, 2007)

"Marlin Guy" said:


> You're not gaining much ground on these kinds of attacks with Windows 7. I see them every day on Vista and 7 machines.


As long as people still have Java, Flash, acrobat reader etc installed, we'll still see it. Its hard to make sure everything is up to date. On my home systems, I try to keep a 100% score on Secunia PSI, but its not always easy.


----------



## dpeters11 (May 30, 2007)

"jerry downing" said:


> Malware is capable of disabling anti-virus software as my son found out the hard way. I had to run Norton Power Eraser to restore his computer. If you install Win7, you should install it in 32 bit. A lot of old software will not run under 64 bit OS.


As long as you stay under 4gb RAM. I'd think the old software that would be an issue is just 16 bit stuff, or 32 bit programs that use the old 16 bit installers. Its those and drivers that are an issue on 64.

As for Autorun and viruses, I found this very interesting"
http://blogs.technet.com/b/mmpc/archive/2011/06/14/autorun-abusing-malware-where-are-they-now.aspx


----------



## Davenlr (Sep 16, 2006)

Is there any way to make a bootable windows xp (or 7 or whatever) safe mode DVD, like those Linux ones every one uses to boot up with to run special programs?

I would like to make a bootable DVD with all these anti-virus and malware programs on it, that would boot up independently, so in the case of this last virus, which would not allow any programs to be run (it ran itself instead), I could just pop in the bootable DVD, and it would run all these malware programs one after the other, and then run the script mentioned above.


----------



## Marlin Guy (Apr 8, 2009)

What you're talking about is something like a BartPE.
Personally, I prefer to do the work from Safe Mode. Some of the malware will still fire up in safe mode, but I can usually get ahead of it with Combofix.


----------



## Davenlr (Sep 16, 2006)

Marlin Guy said:


> What you're talking about is something like a BartPE.
> Personally, I prefer to do the work from Safe Mode. Some of the malware will still fire up in safe mode, but I can usually get ahead of it with Combofix.


Yea, that was what I was wanting, but found something better. I just downloaded and burned the Microsoft Win7 Stand-alone Sweeper program. It boots off the CD, and runs the Security essentials program on all the drives. Just wanted something to use in case I couldnt get Safe-mode to work, or the computer would not boot up (besides running the emergency recovery of the backup program).

With the above disc, and the one with those programs and the script, I think I should be as prepared as I can be.


----------



## Marlin Guy (Apr 8, 2009)

One more thing that you may want to add to your text file is the following command.
%systemroot%\system32\restore\rstrui.exe

This runs System Restore from the command prompt. It's handy on the latest fake system utilities that hide the start menu, documents, desktop icons, etc.


----------



## Davenlr (Sep 16, 2006)

Marlin Guy said:


> One more thing that you may want to add to your text file is the following command.
> %systemroot%\system32\restore\rstrui.exe
> 
> This runs System Restore from the command prompt. It's handy on the latest fake system utilities that hide the start menu, documents, desktop icons, etc.


Thanks. Got that one saved also. Bought Malwarebytes and installed it also. She should be good to go for now, I hope.

Thanks for all the tips and links.

Dave


----------



## wingrider01 (Sep 9, 2005)

Davenlr said:


> Yea, she was looking at pictures of dogs on some unknown website. Whatever happened, it DISABLED Microsofts Security Essentials, and from them on, every thing she tried to run popped up a box saying "XP Security 2011 has found a virus in this app, click here to purchase the full version for $99 with your credit card" which she did not do.
> 
> I had to restart the computer in safe mode, ran security essentials, did a full scan. Found two JAVA severe threats and removed them. When I rebooted the computer, every .exe program it tried to run on startup popped up a box asking me what application I wished to use to open xxxxx.exe.
> 
> ...


It is nothing new, there hae been virii out there that will disable locally installed AV systems or redirect the systems so they stop pulling valid virus definitions down.


----------

