Help~~~ What is tianlia? I can't kill it..

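Every time I shut down, a message appears saying the program tianlia is being ended... Before the infection this program wasn't there!
While the machine is running, virus files such as update1.exe, update2.exe, update3.exe, update4.exe and update5.exe get generated in the temp folder on drive C.
Rising can remove these virus files, but every time, after a while, they show up again, so it never gets fully cleaned... I suspect this has something to do with tianlia.
I'm about to go crazy! Could some expert please take a look!
Last edited 2007-04-01 17:06:21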

当前运行的进程:         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Rising\AntiSpyware\runiep.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\RavMon.exe
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
D:\Firefox Plus\App\firefox\firefox.exe
C:\Program Files\ChinaNet\VnetClient.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\HijackThis1991【teyqiu】.exe

O2 - BHO: ThunderBHO - {0005A87C-D626-4B3A-84F9-1D9571695F55} - F:\Thunder\ComDlls\XunLeiBHO_007.dll
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: (no name) - {00215B48-9B12-4762-8709-EED97542EB2C} - C:\WINDOWS\system32\Klydc.dll
O2 - BHO: (no name) - {00ABF03D-B73E-44BB-93DF-B361CC4C5C1F} - C:\WINDOWS\system32\Ulvbc.dll (file missing)
O2 - BHO: (no name) - {04CC6CFF-02E5-4B63-B820-4302549A0A97} - C:\WINDOWS\system32\Udhpc.dll (file missing)
O2 - BHO: (no name) - {04FA8561-BF11-4300-9D05-875E681A437B} - C:\WINDOWS\system32\Fhmk.dll (file missing)
O2 - BHO: (no name) - {063913D4-73B6-4735-A98D-94A587261106} - C:\WINDOWS\system32\Lynbq.dll (file missing)
O2 - BHO: (no name) - {127046CE-4F24-48DD-B0E7-EDB610EE4FEA} - C:\WINDOWS\system32\Sqcqmu.dll (file missing)
O2 - BHO: (no name) - {1678874C-179C-4527-B8F3-2E2C253F51B3} - C:\WINDOWS\system32\Mdepr.dll (file missing)
O2 - BHO: (no name) - {1D5FEB7F-716E-4C31-9958-A0D578A7015A} - C:\WINDOWS\system32\Vuqvnr.dll (file missing)
O2 - BHO: (no name) - {263C987B-3DFB-4116-AB50-0658205F653B} - C:\WINDOWS\system32\Ouxfeg.dll (file missing)
O2 - BHO: (no name) - {2A9EFC46-D75A-45C4-AB1E-DDD9CC60D61C} - C:\WINDOWS\system32\Ujnlo.dll (file missing)
O2 - BHO: (no name) - {36FB0F62-2AB7-486B-A9C9-0AAF52C67EE9} - C:\WINDOWS\system32\Cishy.dll (file missing)
O2 - BHO: (no name) - {392E4206-AE2B-43D7-99D6-05B59EE5D3C5} - C:\WINDOWS\system32\Rmwux.dll
O2 - BHO: (no name) - {3A42B106-4786-4CB2-B0B6-AF50D28CE5E5} - C:\WINDOWS\system32\Lfnmvn.dll
O2 - BHO: (no name) - {3E0C0CD4-CDC4-46B9-9FDB-B0603B1A0937} - C:\WINDOWS\system32\Itwue.dll (file missing)
O2 - BHO: (no name) - {3F67BF99-DA40-4143-9D71-3E06E4C9B1D6} - C:\WINDOWS\system32\Dwzhn.dll (file missing)
O2 - BHO: (no name) - {440319C3-5DA9-4669-AE9D-560446967F04} - C:\WINDOWS\system32\Qyjzod.dll (file missing)
O2 - BHO: (no name) - {475E7E5A-BACF-473D-B8D0-5DC68F450AB1} - C:\WINDOWS\system32\Jwcya.dll (file missing)
O2 - BHO: (no name) - {48A8E207-0EC1-4F5D-8CD2-8F19BCEF5081} - C:\WINDOWS\system32\Tzasgx.dll (file missing)
O2 - BHO: (no name) - {4AED0323-38E3-4CB7-B82A-BBC36A0D035B} - C:\WINDOWS\system32\Sfotk.dll
O2 - BHO: (no name) - {4C5EC4DF-5891-407D-85A4-E380D0EBB7A2} - C:\WINDOWS\system32\Tqzwzx.dll (file missing)
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - c:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: (no name) - {50FA11ED-0CB6-456A-82EF-7C0B903CFCDA} - C:\WINDOWS\system32\Gnwi.dll (file missing)
O2 - BHO: (no name) - {526A7C21-120B-4B9A-AA28-5A0AC4998274} - C:\WINDOWS\system32\Wencn.dll (file missing)
O2 - BHO: (no name) - {53846129-E93B-42DA-B893-99C720B26775} - C:\WINDOWS\system32\Nvzxp.dll (file missing)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\qq\QQIEHelper.dll
O2 - BHO: (no name) - {5755B497-AD31-445C-887C-CA3932595656} - C:\WINDOWS\system32\Byfpm.dll (file missing)
O2 - BHO: (no name) - {5DCA64FA-CAF0-45A0-9DE0-56FC9FFFCA90} - C:\WINDOWS\system32\Nqzqc.dll (file missing)
O2 - BHO: (no name) - {62723869-0925-4FFA-A036-979EE2F7D514} - C:\WINDOWS\system32\Bwfl.dll (file missing)
O2 - BHO: (no name) - {62928B91-FD3F-4DD2-8894-81DE59A8CB30} - C:\WINDOWS\system32\Fdzv.dll (file missing)
O2 - BHO: (no name) - {63DC4404-947D-4881-A309-3BC8B60347CE} - C:\WINDOWS\system32\Kppbmq.dll
O2 - BHO: (no name) - {6B507FE4-58AE-496B-B576-60EF3AB9BCEE} - C:\WINDOWS\system32\Wsve.dll (file missing)
O2 - BHO: (no name) - {6C7A70A4-144F-45BA-BCA8-7A7E7D81D138} - C:\WINDOWS\system32\Wkpcwz.dll (file missing)
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {78873F9F-8420-4F27-B1BF-E77F2C6F4BA5} - C:\WINDOWS\system32\Silnb.dll (file missing)
O2 - BHO: (no name) - {7A2D3B70-D83C-4EF9-A08D-E07F6D0F79E1} - C:\WINDOWS\system32\Hdim.dll (file missing)
O2 - BHO: (no name) - {7BA114C5-1643-4BAD-92C1-ED45DA6331DB} - C:\WINDOWS\system32\Cuacvp.dll (file missing)
O2 - BHO: (no name) - {8AF2D3B9-762A-4FAA-B6E5-8ED87E887532} - C:\WINDOWS\system32\Widebh.dll
O2 - BHO: (no name) - {8B43AA28-9ABD-4801-9D34-B22079F72586} - C:\WINDOWS\system32\Msdykc.dll (file missing)
O2 - BHO: (no name) - {8E316BD0-EC2E-4618-AA66-9B8B84BFD372} - C:\WINDOWS\system32\Faag.dll (file missing)
O2 - BHO: (no name) - {925BC6AA-6A57-4A57-AA4E-E2C5ABC06017} - C:\WINDOWS\system32\Yllyjl.dll (file missing)
O2 - BHO: (no name) - {94BFFD1F-F7B7-45B0-AFCE-E36F5B5DA461} - C:\WINDOWS\system32\Nrokhe.dll (file missing)
O2 - BHO: (no name) - {9FF28834-74C7-4F7D-8F0E-64D824E2C6DD} - C:\WINDOWS\system32\Wexzt.dll (file missing)
O2 - BHO: (no name) - {A8E8DFCF-0667-494B-A8E6-EA93140FBA9C} - C:\WINDOWS\system32\Zwek.dll (file missing)
O2 - BHO: (no name) - {A91D043B-2F0C-44EA-B89E-40AA3821ABF6} - C:\WINDOWS\system32\Csecp.dll (file missing)
O2 - BHO: (no name) - {A985A468-8DCB-4931-9792-80824E0C8B08} - C:\WINDOWS\system32\Dvrfwn.dll (file missing)
O2 - BHO: (no name) - {B150CF87-1BEC-423F-879B-F71E88216E20} - C:\WINDOWS\system32\Tbud.dll (file missing)
O2 - BHO: (no name) - {B3057667-0030-47A8-A5C3-A8D513B12F16} - C:\WINDOWS\system32\Okbm.dll (file missing)
O2 - BHO: (no name) - {BC5BCFE7-B501-4D33-B1E3-9FA4490049F6} - C:\WINDOWS\system32\Itna.dll (file missing)
O2 - BHO: (no name) - {BC77322A-790F-4B83-8747-00B19A6B28CC} - C:\WINDOWS\system32\Iwxtfv.dll (file missing)
O2 - BHO: (no name) - {C4D4233D-13D2-4D35-8E8F-3C79F3BB6282} - C:\WINDOWS\system32\Ewzb.dll (file missing)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: (no name) - {CCF4A501-B775-4F80-B5BB-2F42181EFF5B} - C:\WINDOWS\system32\Yhhonq.dll (file missing)
O2 - BHO: (no name) - {CD5B19F1-6144-4CD9-A5DE-0E05D67728CD} - C:\WINDOWS\system32\Pemg.dll (file missing)
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - f:\Program Files\BitDownload\TorrentManager.dll (file missing)
O2 - BHO: (no name) - {DAA700DE-378B-4B3C-8563-4BC7A9F6D7D9} - C:\WINDOWS\system32\Ypiue.dll (file missing)
O2 - BHO: (no name) - {DB220CEE-EC71-446C-AACC-5B831EB3851D} - C:\WINDOWS\system32\Xcfu.dll (file missing)
O2 - BHO: (no name) - {E04D537A-7042-4929-8B53-30681E014D05} - C:\WINDOWS\system32\Nxhrns.dll (file missing)
O2 - BHO: (no name) - {E9EB02AA-E7BB-41A9-AED9-D57730FC1E9B} - C:\WINDOWS\system32\Tuwb.dll
O2 - BHO: (no name) - {ED79FEDA-2D38-4CEF-BAEC-CEA21F454C0A} - C:\WINDOWS\system32\Vjgy.dll (file missing)
O2 - BHO: (no name) - {EDE61396-CDFD-47B4-88D5-13A7EC64141B} - C:\WINDOWS\system32\Gsnoc.dll (file missing)
O2 - BHO: (no name) - {F6E74F6D-BA05-41E9-9948-C273C36F53BB} - C:\WINDOWS\system32\Zngkd.dll (file missing)
O2 - BHO: (no name) - {F8A7F1BB-3F8B-4669-BB87-FB19D8758C69} - C:\WINDOWS\system32\Rrap.dll
O2 - BHO: (no name) - {F97E4F6D-608B-429D-BA5B-335A80F5295D} - C:\WINDOWS\system32\Uudjbt.dll (file missing)

O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O4 - 启动项HKLM\\Run: [NvCplDaemon] rem RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - 启动项HKLM\\Run: [SoundMan] SOUNDMAN.EXE
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "D:\mc\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - 启动项HKLM\\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - 启动项HKLM\\Run: [ROST] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\update4.exe
O4 - 启动项HKLM\\Run: [BBOB] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\update8.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [c37wfj] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rundl132.exe
O4 - Startup: QQ游戏启动加速程序.lnk = D:\QQGame\Accel.exe
O4 - User Startup: QQ游戏启动加速程序.lnk = D:\QQGame\Accel.exe
O4 - Global Startup: 星空极速.lnk = C:\Program Files\ChinaNet\VnetClient.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - F:\Thunder\Program\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - F:\Thunder\Program\getallurl.htm
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - 浏览器额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - F:\Thunder\Thunder.exe
O9 - 浏览器额外的“工具”菜单项: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - F:\Thunder\Thunder.exe
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - D:\浩方\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing)
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\qq\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\qq\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\qq\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\qq\QQIEHelper.dll
O16 - DPF: {05DA0521-0B6B-458C-BFB1-1EFEF1F3C8FF} (SSOClientAgent Class) - http://www.segame.com/common/SEGAme.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {65DEDD9B-24D3-4EDD-A8BA-371A06679A09} (DopStreamer Class) - http://60.210.17.229/download/dopstreamer.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132229575391
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {AC3A36A8-9BFF-410A-A33D-2279FFEB69D2} (Qzone Media Tools) - http://219.133.62.236/QQPlayer.cab
O16 - DPF: {ACFE8232-03C5-4AEC-AF5E-42B806724096} (KSHScan Control) - http://safe.qq.com/scan/KAllScan.CAB
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/Ver2005/OL2005.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27C92111-5A4B-4F72-AB47-5C83BD1A01B2}: NameServer = 61.128.128.68 61.128.192.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{5431FFD5-2692-4AC7-A4B0-981203D8AA02}: NameServer = 61.128.128.68,61.128.128.67
O17 - HKLM\System\CS1\Services\Tcpip\..\{27C92111-5A4B-4F72-AB47-5C83BD1A01B2}: NameServer = 61.128.128.68 61.128.192.68
O20 - AppInit_DLLs: 399952M.BMP
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - NT 服务: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - NT 服务: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe


Could someone please help take a look...!! My head is spinning right now!

Same here....