How do I get rid of Win32.Brontok?

lewisee
2009-05-25, 06:06
Win32.Brontok has downloaded onto my laptop - an Acer running Windows XP. Brontok is blocking all .exe files, and every suggestion for getting rid of this virus involves running some .exe program. Brontok is also preventing me from accessing the internet. Is there any other way to get rid of this?

pskelley
2009-05-26, 12:05
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

It's tough to try to help with the limited information you have provided. Since you seem sure you have Win32.Brontok, see this:
http://www.microsoft.com/security/portal/Entry.aspx?name=Win32%2fBrontok
Make sure to read the information under all tabs so you know what you are dealing with.

You can give this tool a try:
http://www.bitdefender.com/VIRUS-157247-en--Win32.Brontok.A@mm.html

Then read and follow the directions posted above and post a HJT log for me to view.

Post also an uninstall list: Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
Image: http://img.bleepingcomputer.com/tutorials/hijackthis/uninstall-man.jpg

Thanks

lewisee
2009-05-26, 16:13
I know I have Win32.Brontok because when I start up my laptop, Symantec gives me a Security Center Alert telling me this. I had tried to run the BitDefender tool before posting originally, but it is a ".exe" file and Win32.Brontok blocks all of these files from running. Additionally, I cannot provide a HJT log because I don't currently have Hijackthis installed on my laptop, and I cannot install it now because it is also an ".exe" file. If there is any other way to provide this information I would be more than happy to do this. I am able to run my Registry Editor.

I am currently providing all this information via my desktop, because Win32.Brontok will not let me access the internet via Internet Explorer or Firefox. I also have turned off my wireless card on my laptop so Win32.Brontok can't do anything itself.

pskelley
2009-05-26, 16:46
Did you read the information in the Microsoft link?
Symptoms of the presence of Win32/Brontok may differ according to the particular variant. Symptoms may include the following:

Immediately after an application starts, the application closes or Windows restarts.
The user cannot update certain security-related software or visit certain Web sites.
The user cannot modify Windows Explorer folder options.
The user cannot run certain Windows tools, such as Task Manager, Registry Editor, or the command shell.

Being careful not to infect the other computer, you will need to bring the tools to the infected computer. Since the malware seems to recognize .exe files, try renaming it:

For instance: http://www.bitdefender.com/site/Downloads/downloadFile/773/FreeRemovalTool
When you click on "Download Removal Tool", then click "Save this file now".
Then click OK and save the file to the DESKTOP. BEFORE you SAVE it, change the file name to
AntiBrontokA-Fix, then Save it. See if it will run now.

You understand the hackers don't want this to be easy. They want your $$$ for nothing.

Thanks
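
As an added example that is not part of this thread, a read-only PowerShell audit of the symptoms listed above (Registry Editor, Task Manager, folder options and command shell disabled) plus the .exe file-type handler that the renaming trick works around. The registry locations are the standard Windows policy values; the thread does not name where a given variant writes, so treat them as my assumption and any hit as an indicator, not proof.

```powershell
# Added example, not from the thread: read-only audit for the Brontok symptoms
# quoted above. Nothing is modified. Run from PowerShell on the suspect machine.

# Standard Windows policy values behind the listed symptoms (assumption: a given
# Brontok variant may set some, all, or none of these).
$checks = @(
    @{ Name = 'Registry Editor disabled'; Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Value = 'DisableRegistryTools' },
    @{ Name = 'Task Manager disabled';    Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Value = 'DisableTaskMgr' },
    @{ Name = 'Folder Options hidden';    Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Value = 'NoFolderOptions' },
    @{ Name = 'Command prompt disabled';  Path = 'HKCU:\Software\Policies\Microsoft\Windows\System';                  Value = 'DisableCMD' }
)

function Get-PolicyFlag {
    # Returns the DWORD value, or 0 when the key or value does not exist.
    param([string]$Path, [string]$Value)
    $item = Get-ItemProperty -Path $Path -Name $Value -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 0 }
    return [int]$item.$Value
}

$findings = @(foreach ($c in $checks) {
    $v = Get-PolicyFlag -Path $c.Path -Value $c.Value
    [pscustomobject]@{ Check = $c.Name; Value = $v; Suspicious = ($v -ne 0) }
})

# The default handler for .exe launches is exactly: "%1" %*
# Anything else means another program is interposed on every .exe start, which
# is what "blocks all .exe files" looks like and why a renamed tool may still run.
$exeKey = 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command'
$exeCmd = (Get-ItemProperty -Path $exeKey -ErrorAction SilentlyContinue).'(default)'
$findings += [pscustomobject]@{
    Check      = '.exe open command'
    Value      = $exeCmd
    Suspicious = ($exeCmd -ne '"%1" %*')
}

$findings | Format-Table -AutoSize
```

A clean machine shows 0 for every policy flag and the default .exe command; any Suspicious = True row is something to note in the HJT or ComboFix log rather than fix by hand.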

lewisee
2009-05-26, 17:19
So even when I change the name of the file when I download it, it still has a .exe extension. Is there a way to change this?

pskelley
2009-05-26, 17:37
Try downloading the file to the Desktop, then before you try to run it, boot safe mode and try to run it there:

http://spyware-free.us/tutorials/safemode/

We can try another tool, but we will still have the same issue trying to run it; this tool is for the infection that you can see, and we will still need to bring the tool to the infected computer.

You have the option to reformat if you wish:
http://spyware-free.us/tutorials/reformat/
http://www.cyberwalker.net/faqs/how-tos/reinstall-faq.html
http://helpdesk.its.uiowa.edu/windows/instructions/reformat.htm

lewisee
2009-05-27, 03:12
I tried in safe mode, and it didn't work. I guess I'm going to have to reformat. Thanks for helping me!

pskelley
2009-05-27, 11:09
ComboFix may remove the junk causing the problem if you can get it to run. Follow the directions carefully if you proceed with it.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.

Download ComboFix from here:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.


Double click on ComboFix.exe & follow the prompts.

As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


http://i24.photobucket.com/albums/c30/ken545/RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://i24.photobucket.com/albums/c30/ken545/whatnext.jpg

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

Tutorial if needed
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

If it is being blocked also, you can try renaming it like this:

You must rename it before saving it, save it to your Desktop.

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif