HELP !!! for "aswmbr.exe" & File: C:\Windows\system32\csrsrv.dll **INFECTED** W

[46926065]

HELP !!!

The original file location is  "C:\Windows\System32\csrsrv.dll ". - The virus can be scanned & found but cannot be cleaned by tool of “aswmbr.exe”  earlier. But now if run "aswmbr.exe" then pc bluescreen & restart automatically everytime.    Pls help to solve it & feedback. Thanks!

"08:10:36.394    AVAST engine scan C:\Windows
08:11:15.623    AVAST engine scan C:\Windows\system32
08:12:45.271    File: C:\Windows\system32\csrsrv.dll  **INFECTED** Win32:Aluroot-B [Rtk]"--   It can be scanned & found but cannot be cleaned by tool of “aswmbr.exe”  earlier. But now if run "aswmbr.exe" then pc bluescreen & restart automatically everytime.

[Asyn]

Attach your basic diagnostic logs. (MBAM and FRST)
Instructions: https://forum.avast.com/index.php?topic=194892

[Michael (alan1998)]

Sorry Asyn to barge in,

Attach the aswMBR log as well as run a Rootkit scan from Malwarebytes.

https://www.malwarebytes.com/antirootkit/

[magna86]

aswMBR is an outdated tool and it is not safe to use plus tool is mainly design for mbr based rootkits.

08:12:45.271    File: C:\Windows\system32\csrsrv.dll  **INFECTED** Win32:Aluroot-B [Rtk]"--

...is most likely a FP. Not malware related issue.

To chech for Rootkit use Malwarebytes with "Scan for rootkits" option enabled or you may use MBAR, but do NOT use aswMBR.
https://www.malwarebytes.com/antirootkit/

[Asyn]

Side note, the functionality has been included in the AV.
As mentioned above, the standalone product is outdated.