A backdoor causes some annoying problems to my PC. I've been using Windows 2000 Professional with Kaspersky Personal 5.0.142(Standard Base), Zone Alarm Pro 5.1.011.000, and with all Microsoft patches installed. That backdoor made my system restart within 1 min just after I logged in. The phenomenon was exactly the same as those infected with the Sasser worm. But I've all the MS patched installed along with KAV and ZA, it couldn't be Sasser. I really didn't know how it sneaked into my computer with KAV and ZA never turned off. Before the computer was forcedly shutdown, KAV reported that C:\WINNT\system32\comsock.dll was infected with Backdoor.Win32.Small.bq but cannot delete it. So I booted Windows into Safe Mode and did a Full Computer Scan with KAV, but nothing was found this time! I updated KAV to Extended Base (before which I was using Standard base of yesterday) and reboot to normal mode. That backdoor back again, and this time before reboot automatically, KAV reported 3 files, which were all Backdoor.Win32.Simple.bq, but still couldn't delete. Again, I rebooted into Safe Mode and did a Full System Scan. This time, KAV found all the 3 files and deleted them (in Safe Mode). Then the whole system seemed to be ok again. I wonder how this backdoor sneaked into my system and why it could not be detected under Safe Mode, or maybe this backdoor cannot be fully detected with yesterday's Standard Base? At last night, I thought everything was ok, but I was wrong. This morning, after a normal operation for about 1 hour, the whole system began to reboot automatically again. And once more I found this backdoor by Full System Scan in safe mode. I thought there may be some parts of this backdoor still remain in my system and couldn't be detected by Kaspersky (I've adjusted the On-Demand scan level to Maximum Protection). I don't know how I could find them. Or may be they were bounded to some normal exe file. Looking forward to your suggestion. Thanks. I tried NOD32 also, but nothing could be detected yet.