Collecting on Windows 7 with VirSort2000 & F-Prot DOS

Tools required:
DOSBox 0.74 - http://sourceforge.net/projects/dosbox/files/dosbox/0.74/DOSBox0.74-win32-installer.exe/download
CWSDPMI.EXE - http://www.download-central.ws/System/CWSDPMI.EXE/csdpmi5b.zip
F-Prot DOS 3.16f - http://www.claymania.com/f-prot.zip
F-Prot Last SIGN.DEF (2008-02-01) - ftp://ftp.sac.sk/pub/sac/avir/fp-def.zip
F-Prot Last SIGN2.DEF (2008-02-01) - ftp://ftp.sac.sk/pub/sac/avir/fp-def.zip
F-Prot Last MACRO.DEF (2008-02-01) - ftp://ftp.sac.sk/pub/sac/avir/macrdef2.zip
VirSort 2000 8.8 - http://vxheaven.org/dl/utl/vs2000.zip

Setup
Download and install DOSBox 0.74
Go to My Computer -> C:\
Create directory F-Prot
Download F-Prot 3.16f
Extract all files into C:\F-Prot

Updating F-Prot's virus definitions
Download the definitions from: ftp://ftp.sac.sk/pub/sac/avir/fp-def.zip
Extract all files into C:\F-Prot

Updating F-Prot's macro definitions
Download the macro definitions from: ftp://ftp.sac.sk/pub/sac/avir/macrdef2.zip
Extract all files into C:\F-Prot

Copy CWSDPMI.EXE for DOSBox
Download CWSDPMI.EXE and copy it from the BIN folder to C:\F-Prot

Install VirSort2000
Download VirSort2000, extract VS2K.ZIP
Copy all 4 files to C:\F-Prot for simplicity

Generate your first log
Run DOSBox
Type: mount c c:\f-prot
Download some malware, a zine for example - http://vxheaven.org/vx.php?id=zidx
Extract it to its own directory, preferably on another drive such as D:\
Back in DOSBox type: mount d d:\zinedir
Followed by: C:
Now enter: f-prot.exe /dumb /archive /packed /nomem /collect /nofloppy /old /report=FPROT.LOG D:\

Process your log with VirSort2000
Enter: vs2000.exe -B FPROT.LOG
To create more logs, repeat the steps above in DOSBox, but for each subsequent log file change the vs2000 command to: vs2000.exe -A FPROT2.LOG
Please note I am unable to provide instructions for making the GUI work on Windows 7!












