以下注册表值项有问题:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{9A65498A-7653-9801-1647-987114AB7F49}c:\windows\system32\zxipri.dll
{D1351752-5628-1547-FFAB-BADC13512AFD}c:\windows\system32\ztmpri.dll
{859AFD5B-159F-ACD8-954C-ACD545FA6588}c:\windows\system32\jzhpri.dll
{4F12545B-1212-1314-5679-4512ACEF8904}c:\windows\system32\wddpri.dll
{8A65498A-7653-9801-1647-987114AB7F48}c:\windows\system32\zxhpri.dll
{5D83AD9C-3BFC-43F5-979D-2904DBC54A8E}c:\program files\internet explorer\plugins\winsys64.sys
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
<NVDispDrv>c:\windows\nvdispdrv.exe
<RAVHXMON>c:\program files\internet explorer\ravhxmon.exe
<ravztmon>c:\program files\netmeeting\ravztmon.exe
<TIMHost>c:\windows\timhost.exe
<ravwdmon>c:\program files\netmeeting\ravwdmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
<MSDEG32>c:\windows\system32\lyloader.exe
<MSDMG32>c:\windows\system32\lyloadmr.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
<AppInit_DLLs>c:\windows\system32\zxhpri.dll
以下文件有问题:c:\windows\nvdispdrv.exe
c:\program files\internet explorer\ravhxmon.exe
c:\program files\netmeeting\ravztmon.exe
c:\windows\timhost.exe
c:\program files\netmeeting\ravwdmon.exe
c:\windows\system32\lyloader.exe
c:\windows\system32\lyloadmr.exe
c:\windows\system32\zxiins.exe
c:\windows\system32\lymangr.dll
c:\windows\system32\mssql.dll
c:\windows\system32\nvdispdrv.dll
c:\windows\video.dll
c:\windows\system32\msyasd.dll
c:\windows\system32\zxipri.dll
c:\windows\system32\zxhpri.dll
c:\windows\system32\jzhpri.dll
c:\windows\system32\ztmpri.dll
c:\windows\system32\wddpri.dll
c:\windows\winow.dll
c:\program files\internet explorer\plugins\winsys64.sys
c:\program files\common files\microsoft shared\msinfo\system16.ins
c:\program files\netmeeting\ravwdmon.dat
e:\autorun.inf
e:\autorun.exe
建议将以上文件提交瑞星研究。