"Hao long weather" Trojan attack 360 security guards take the lead in killing

Recently many netizens reflect, computer desktop inexplicably appeared a "Hao long weather", and difficult to uninstall, while the browser homepage was tampered with WWW.HAO123.COM/?TN=91854872_HAO_PG. According to the engineer analysis, "Hao long Weather" in the computer embedded Trojan drive, forced tampering homepage To obtain promotional fees, 360 security guards have taken the lead in killing this Trojan. After 360 anti-virus engineer investigation analysis, "Hao long weather" through some bad software silently bundled installation: First, "Hao long Weather" in the system implanted Trojan drive Acceler.sys and Vparam.bin (encrypted data file); Acceler.sys will decrypt the vparam.bin and load in memory, the Trojan downloaded by Vparam.bin to run a special hijacked home Trojan horse; Finally, hijacked home Trojan running in memory, Trojan to system registration process callback, When the browser process is discovered, the process command line is modified, followed by the extension parameters, causing the user's browser to be hijacked maliciously. "Hao long weather" Trojan drive Acceler.sys has an effective digital signature (equivalent to the identity of the software ID), signature information for "Chongqing Speed Technology Co., Ltd.", resulting in the vast majority of anti-virus software will be mistaken for legal procedures. If the injured user simply uninstall "Hao long Weather", and do not clear its Trojan drive, the Internet homepage will still appear to be tampered with. At present, 360 security guards and 360 antivirus has been the first to achieve the "Hao long weather" of the comprehensive killing, can help users to completely clear the "Hao long weather" and repair the home page.