Dr. Watson and Acebot?

Hi All ~
I am using a Dell Vostro 1500 laptop with Windows XP, and I just had a freeze-up problem. In the background of the windows that were stuck, not opening, I saw a window in the background, that read something like “Doctor Watson Postmortem Debugger.” I couldn’t read anything inside of that window, though, because the frozen-up one was in the way. I wasn’t able to solve the problem with ctr-alt-del, and after multiple attempts, I just manually shut down the computer with all the windows still open.

The computer fired back up normally. I then went to Google and searched to find information abot Dr. Watson. The consensus I found was that it is a normal Windows tool, but one contributor suggested that, while it is normal, it is “run by Acebot,” which is a very malicious Trojan Horse that is very difficult to destroy. Can anyone give some information about this? I haven’t heard of it, and there is nothing in these forums that I can find, about acebot.

Thanks!

This is an old worm…

W32/AceBot.worm
http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=99402
http://www.securelist.com/en/descriptions/6882747/Worm.Win32.Newbiero.01

run a quick scan with avast and Malwarebytes…post log if anything is found

Hi Pondus,

Very, very old worm, going back to first discovered 04-24-2002,

polonus

I ran Malwarebytes. and am attaching the log to this post. It did find one threat in the registry apparently. Not sure if that is the acebot, or something else. Would Malwarebytes have found acebot?

I am doing an Avast Quick Scan now, and will post the results of that when it is complete.

Would Malwarebytes have found acebot?
probably not, since it is this old and malwarebytes only want fresh malware

OK, so is what you are saying, that since this is a very old worm, there is no chance my computer has it?

What’s weird is that ever since yesterday when that window popped up, I’m suddenly having to re-enter all of the information that I’d had automatically generating (like facebook password, etc.) previously. This concerns me, making me wonder if there is someone trying to capture my info via keylogging or some other method.

Maybe I’m being too paranoid. Just can’t be too safe. What do you guys recommend?

OK, so is what you are saying, that since this is a very old worm, there is no chance my computer has it?
no...that is not what i am saying
Maybe I'm being too paranoid. Just can't be too safe. What do you guys recommend?

Follow this guide… http://forum.avast.com/index.php?topic=53253.0
attach the logs requested…
Then one of the trained malware removers will help you