What is “BScope.Trojan.Sawbones.vf”?

The BScope.Trojan.Sawbones.vf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What BScope.Trojan.Sawbones.vf virus can do?

Dynamic (imported) function loading detected
A process created a hidden window
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine BScope.Trojan.Sawbones.vf?


File Info:
name: 45200170E6538424F936.mlw
path: /opt/CAPEv2/storage/binaries/2ac14f585ca115251e667c8689257fba79a6f03dd808a9a8f7ef047df73e338b
crc32: 9D9507CC
md5: 45200170e6538424f93676d3dc87b079
sha1: 2608dde8db8dfa72b93398b0d0495972d5f2441f
sha256: 2ac14f585ca115251e667c8689257fba79a6f03dd808a9a8f7ef047df73e338b
sha512: 979e543653cd9dc9470c57a21f1810416c992dbfc966150340d8ef0914b4c7020ccd2ca8d5ac97ab74572689d87524db923ef53da143d471f67e1f447e521037
ssdeep: 384:bEt3IzZ7zCdGAuZ0CzTi7u9Iy/yJ9Qb04tV:bEt3w72/uzBn/EY04t
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11DF25C37B8C74573C986827154F54B161B3F22932EB180CBD790698A3E359E1AD3BB83
sha3_384: 5b75cfd7434e80d25d59ecd13d3fe3036bdab1fc2d154e7b4541a070ed927317ee13cb562f6c22b79eb064d542caf2ff
ep_bytes: 558bec6aff68b8504000680c1e400064
timestamp: 2016-04-01 06:32:16

Version Info:
0: [No Data]

BScope.Trojan.Sawbones.vf also known as:

Lionic	Trojan.Win32.Aarwsqo.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader20.29134
MicroWorld-eScan	Gen:Trojan.Heur.JP.cmW@aaRWsQo
FireEye	Generic.mg.45200170e6538424
ALYac	Gen:Trojan.Heur.JP.cmW@aaRWsQo
Sangfor	Trojan.Win32.Wacatac.C
Alibaba	TrojanDownloader:Win32/Generic.d8326e7b
K7GW	Trojan ( 0040f8b51 )
K7AntiVirus	Trojan ( 0040f8b51 )
BitDefenderTheta	AI:Packer.5993F9C91E
Symantec	ML.Attribute.HighConfidence
Paloalto	generic.ml
BitDefender	Gen:Trojan.Heur.JP.cmW@aaRWsQo
NANO-Antivirus	Trojan.Win32.JP.flwmkc
Avast	Win32:Malware-gen
Tencent	Win32.Trojan.Downloader.Palk
Emsisoft	Gen:Trojan.Heur.JP.cmW@aaRWsQo (B)
McAfee-GW-Edition	BehavesLike.Win32.Generic.nz
Ikarus	Trojan-Downloader
Avira	TR/Downloader.Gen
Microsoft	Trojan:Win32/Ymacco.AA08
GData	Gen:Trojan.Heur.JP.cmW@aaRWsQo
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Gen.Generic.C4590475
McAfee	Artemis!45200170E653
MAX	malware (ai score=80)
VBA32	BScope.Trojan.Sawbones.vf
APEX	Malicious
Yandex	Trojan.DownLoader!n4+2dGDYaE0
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.110168911.susgen
AVG	Win32:Malware-gen
Cybereason	malicious.0e6538

How to remove BScope.Trojan.Sawbones.vf?

BScope.Trojan.Sawbones.vf removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X