Exploit

C:\VLTrader\VLTrader.exe

Click on Help > About

ENSURE IT IS 5.8.0.21

If it is not Tools > Software Update

Fill out information if not already filled out and click ReRegister

Click Check for Update

Follow prompts

If you get an Access Denied Error Contact Brett Lovell, CSS Support

Go into services.msc and restart service

Change Auto Run

Configure > Options > Other Tab

Change Autorun Directory to autorun-DUMMYFolder and then click on any other entry

and then click Ok

Close Application

Prevent further exploitation

C:\VLTrader\Autorun

Right Click > Properties > MAKE SURE THERE IS A CHECK MARK, A SQUARE CHECK DOES NOT MEAN ANYTHING.

'Click Apply

C:\VLTrader\hosts > Open each XML file and look for powershell, bash, exe, or vbs