Last night while watching S2-E2 of “White Collar” on Netflix my Avast antivirus started popping up repeatedly that a threat was detected:

Infection: VBS:Bicololo-CE [Trj]

I shut down the tab it was streaming on and updated/scanned with Malwarebytes. Nothing found. I tried to watch the end of that episode several times and the same thing kept happening. Any ideas?

What is VBS:Bicololo-CE [Trj]?

According to some antiviruses (MacAfee and Avast), VBS:Bicololo-CE [Trj] is a Trojan horse that can affect various operating systems including Windows 8, Windows 7, Windows Vista, Windows XP, and more. It was first discovered in 2013 and still has influence over the years. This dangerous Trojan is often distributed via spam e-mails, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. You should pay attention to all these channels in case VBS:Bicololo-CE [Trj] gets in your computer without your knowledge.

Once inside, Trojan Horse VBS:Bicololo-CE [Trj] will add suspicious files to your system, change your existent system files, temporarily write files to your disk and then remove them. It can also create some malicious registry keys to your registry. You may also notice your computer running slowly. That is because suspected processes with large amount of memory running in your task manger. And then your computer will undoubtedly become slow. VBS:Bicololo-CE [Trj] is a high risk Trojan infection that may pose a serious security threat to your computer. It may steal your important information and data and then used them for malicious purposes. You should remove it without any delay because it will download more threats to damage your computer after infiltration.

How to Remove VBS:Bicololo-CE [Trj]?

To keep your PC safe, you should take immediate action to stop any damage or prevent further damage from happening. Here are some guides that will help you. Please keep reading.

Need help quickly and safely get rid of VBS:Bicololo-CE [Trj]?

>> Click Here to Get Recommended Removal Tool <<

Method 1: Remove VBS:Bicololo-CE [Trj] Manually

1. Reboot your computer and log into Safe Mode with Networking.

Reboot your computer. As the computer is booting but before Windows launches, tap the “F8 key” continuously which should bring up the “Windows Advanced Options Menu” as shown below. Use your arrow keys to highlight “Safe Mode with Networking” option and press Enter key.

F8-key.jpg
Safe Mode with Networking

2. Show hidden files and folders.

a) Open Computer by clicking the icon on desktop. Navigate to Tools, select Folder Options…

computer
folder options

b) Under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK;

folder-options

c) Click on the “Start” menu and then click on the “Search programs and files” box, Search for and delete these files created by VBS:Bicololo-CE [Trj]:

%AppData%\<random>.exe
%CommonAppData%\<random>.exe
C:\Windows\Temp\<random>.exe
%temp%\<random>.exe
C:\Program Files\<random>

3. Turn on firewall on Windows (optional)

  1. Click on the Start menu and typewindows firewallin the search box.
  2. Pick the Windows Firewall option that pops up in the search results.
  3. In the left sidebar, click Turn Windows Firewall On or Off.
  4. In the General tab, click the on (recommended).

Unless you have another firewall as part of your anti-virus software, leave the Windows Firewall on for public networks. You’ll need it as extra protection when you’re on an insecure Wi-Fi network.

4) Open your Registry Editor and then find out the registry entries of VBS:Bicololo-CE [Trj] virus to remove them (note: new registry entries are still made every month so far):

run-window

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[RANDOM].exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "<random>" = "%AppData%\<random>.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "<random>" = "%AppData%\<random>.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings

5: Reset your IE

a) Open Internet Explorer. Click on the Tools menu and then select Internet Options.

b) In the Internet Options window click on the Advanced tab. Then click on the Restore Defaults button and then press OK.

internet-advanced-reset

Reference Video on How to Remove Similar Trojan Horse Virus

Method 2: Get rid of VBS:Bicololo-CE [Trj] by SpyHunter

SpyHunter uses industry-leading technology will help you detect and remove all intruders, through which you can quickly scan the recently installed programs and remove malicious computer threats that hook deep into your system.Here is the download button:

Step 1: Click the icon to download SpyHunter removal tool

14156-4166

Follow the instrutions to install SpyHunter removal tool

1
spyhunter-setup-win7
spyhunter-installed

Step 2: After the installation, run SpyHunter and click “Malware Scan” button to have a full or quick scan on your PC.

scan

Step 3: Select the detected malicious files after your scanning and click “Remove” button to clean up all viruses.

remove

Optional Method: Download and Install RegCure Pro to Optimize Infected Computer

RegCure pro is the powerful application which contains the dll error fix, malware fix, registry fix functions and can help improve your computer running speed to make your computer run like brand-new.

regurepro-trydownload

Follow the instructions to install RegCure Pro

RegCure-Pro-Installer1
RegCure-Pro-Set-Up1

After the installation, run RegCure Pro to optimize the whole operating system.

RegCure-Pro-Scan1

Fix all the threat that have been detected.

Threats-Fix
Warm tips: If you are not a computer geek and it will be risky to perform manual removal on your own.you are welcome to download Spyhunter automatic removal tool to get rid of VBS:Bicololo-CE [Trj] immediately!

facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation