Win32 Trojan / Win32:Rootkit-gen ....Please help!!!

[brin.di12]

Hi, Im new here and not great at computer stuff, I would really appreciate any help!! Thanks in advance

So A couple nights ago my computer screen started randomly flashing and spazing (s/p?) I went to try to back up my photos to a cd, and none of my burning programs will read the driver when a blank cd is in it.
I tried to do a system restore, and was not able to. no restore points? I turned the computer off for the night.
Next morning I turned it on, and random wierd messages kept popping up. Tried to shut the computer down, would not shut down, would  not restart...could only use a limited profile if i try to get onto a adminastrative profile the desktop icons flash and i cant do anything.
So now I am in safe mode...I ran Malwarebytes - it found a few things but they keep coming back..I am running Avast right now...
I have got :

Win32:Trojan-Gen {Other}
C:\windows\system32\gxvxccynxwejpjdqlbbutklfknrgucuafmiub.dll

Win32:Rootkit-gen [Rtk]
c:\documents&settings\Owner\localsettings\Temp\d.exe

Win32:Patched-KG [Trj]
C:\Documents&Settings\Owner\LocalSettings\temp\tmp1B9.tn

JS:Pofka-1R [Expl]
c:\documents&settings\Owner\Localsetting\Temp

and more...but when i goto send them to the chest it either says
"cannot access the file because it is being used by another process"
or "Virus chest is not running. RPC communication failed"


What do I do??? Any Advice PLEASE!!??
P.s I cannot do a boot scan because the computer wont restart!!?

[FreewheelinFrank]

Hi brin.di12,

First try a boot time scan with avast! Right click the scanner screen, select 'schedule a boot time scan' and reboot when requested. (Or open the tab at the top left of the scanner screen and select the boot time option from there.)

Select the "Move to Chest" option for any malware found.

Try a scan with DrWeb CureIT!

Then install, update and run these free anti-malware scanners:

Malwarebytes' Anti-Malware
SUPERAntiSpyware Free
a-Squared Free

Good luck!

[brin.di12]

Cant do a boot time scan- Everytime I try it freezes at the windows shutting down screen...

Also I cannot update Windows for some reason?

[FreewheelinFrank]

You could try a rescue CD.

Download and burn the disk image on an uninfected computer. Boot the infected computer from the disk and run a virus scan (after updating virus definitions if this option is present).

Kaspersky Rescue Disk
AntiVir Rescue CD
Bitdefender Rescue CD
F-Secure Rescue CD

[micky77]

You have a rootkit, i would run rootrepeal, take no action, just post the log.

http://www.malwarebytes.org/forums/index.php?showtopic=12709

[brin.di12]

Okay Thanks! I ran Rootrepeal and here is the log..

ROOTREPEAL (c) AD, 2007-2009

Scan Time:         2009/06/09 12:00
Program Version:      Version 1.3.0.0
Windows Version:      Windows XP SP3

Hidden/Locked Files
-------------------
Path: c:\documents and settings\administrator.brindi\local settings\temp\~df369d.tmp
Status: Allocation size mismatch (API: 131072, Raw: 16384)

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_1\EHI_SS_DLOTmp_BabyBook1-12x12_1g-ribbon\EHI_SS_DLOTmp_BabyBook1-12x12_1g-ribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_1\EHI_SS_DLOTmp_BabyBook1-12x12_1g-ribbon\EHI_SS_DLOTmp_BabyBook1-12x12_1g-ribbondots.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_1\EHI_SS_DLOTmp_BabyBook1-12x12_1i-tag\EHI_SS_DLOTmp_BabyBook1-12x12_1i-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_1\EHI_SS_DLOTmp_BabyBook1-12x12_1i-tag\EHI_SS_DLOTmp_BabyBook1-12x12_1i-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_4\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tag\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tag-preview.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_4\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tag\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_4\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tag\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_4\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tag\EHI_SS_DLOTmp_BabyBook1-12x12_4o-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_6\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag-preview.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_6\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_6\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_6\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_6\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tag\EHI_SS_DLOTmp_BabyBook1-12x12_6l-tagscallop.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_8\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clips\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clipsbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_8\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clips\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clipsbrad.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook1-12x12\EHI_SS_DLOTmpAlbum_BabyBook1-12x12_PNG\EHI_SS_DLOTmp_BabyBook1-12x12_8\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clips\EHI_SS_DLOTmp_BabyBook1-12x12_8e-clipsrings.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_11\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tag\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_11\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tag\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tagedge.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_11\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tag\EHI_SS_DLOTmp_BabyBook2-12x12_11n-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_12\EHI_SS_DLOTmp_BabyBook2-12x12_12l-tag\EHI_SS_DLOTmp_BabyBook2-12x12_12l-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_12\EHI_SS_DLOTmp_BabyBook2-12x12_12l-tag\EHI_SS_DLOTmp_BabyBook2-12x12_12l-tageyelet.png
Status: Locked to the Windows API!

[brin.di12]

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_14\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tag\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_14\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tag\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_14\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tag\EHI_SS_DLOTmp_BabyBook2-12x12_14h-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_18\EHI_SS_DLOTmp_BabyBook2-12x12_18h-tag\EHI_SS_DLOTmp_BabyBook2-12x12_18h-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_18\EHI_SS_DLOTmp_BabyBook2-12x12_18h-tag\EHI_SS_DLOTmp_BabyBook2-12x12_18h-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_20\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tag\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_20\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tag\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook2-12x12\EHI_SS_DLOTmpAlbum_BabyBook2-12x12_PNG\EHI_SS_DLOTmp_BabyBook2-12x12_20\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tag\EHI_SS_DLOTmp_BabyBook2-12x12_20m-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_21\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tag\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_21\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tag\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_21\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tag\EHI_SS_DLOTmp_BabyBook3-12x12_21c-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_25\EHI_SS_DLOTmp_BabyBook3-12x12_25i-tag1\EHI_SS_DLOTmp_BabyBook3-12x12_25i-tag1base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_25\EHI_SS_DLOTmp_BabyBook3-12x12_25j-tag2\EHI_SS_DLOTmp_BabyBook3-12x12_25j-tag2base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_27\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tag\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tagbase.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_27\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tag\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tagend.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_27\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tag\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tageyelet.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_27\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tag\EHI_SS_DLOTmp_BabyBook3-12x12_27k-tagribbon.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_29\EHI_SS_DLOTmp_BabyBook3-12x12_29b-tag2\EHI_SS_DLOTmp_BabyBook3-12x12_29b-tag2base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_29\EHI_SS_DLOTmp_BabyBook3-12x12_29e-tag3\EHI_SS_DLOTmp_BabyBook3-12x12_29e-tag3base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_29\EHI_SS_DLOTmp_BabyBook3-12x12_29g-tag1\EHI_SS_DLOTmp_BabyBook3-12x12_29g-tag1base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_30\EHI_SS_DLOTmp_BabyBook3-12x12_30c-tag1\EHI_SS_DLOTmp_BabyBook3-12x12_30c-tag1base.png
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Owner\My Documents\scrapbooking\templates\babybook\EHI_SS_DLOTmpAlbum_BabyBook3-12x12\EHI_SS_DLOTmpAlbum_BabyBook3-12x12_PNG\EHI_SS_DLOTmp_BabyBook3-12x12_30\EHI_SS_DLOTmp_BabyBook3-12x12_30d-tag2\EHI_SS_DLOTmp_BabyBook3-12x12_30d-tag2base.png
Status: Locked to the Windows API!

==EOF==

[micky77]

Well, thats not what I was expecting. I was hoping to see something like C:\WINDOWS\system32\drivers\gxvxc**************sys.
I would revert to Franks advice with the rescue cd's. Avira is especially good with rootkits.
Here's a brief tutorial.
http://forum.avira.com/wbb/index.php?page=Thread&postID=730130#post730130
I believe the others are Iso files and need to burnred as an image.
http://www.raymond.cc/blog/archives/2008/06/16/kaspersky-offers-free-rescue-disk-to-clean-virus-without-booting-in-windows/