Problem with rootkit win32k.sys

You may want to read up on this file first before trying to remove it.

What is win32k.sys?

Multi-User Win32 Driver file.
Is win32k.sys safe?

This win32k.sys file is safe and should not be considered threat to your computer.

Overall threat: No
Spyware: No
Trojan: No
Virus: No

How do I prevent win32k.sys from loading?

The win32k.sys process is part of Microsoft Windows and should not be deleted or prevented from loading each time Windows loads. Doing so could cause errors or Windows to stop working.

What is the win32k.sys file?

With multiple av programs on you likely now see AVG reporting a false positive if no other program is detecting any malwares on the system. The variation of that being the "C:\WINDOWS\win32k.sys:2" is known to be a ZeroAccess rootkit.

The win32k.sys file however is a Windows driver that seems to be corrupted where you could expand a fresh copy from the 7 dvd at the command prompt to the bad file replaced. The information on the two different files can be seen at win32k.sys - win32k.sys:2 - Program Information

Windows 2000, XP, and Vista as well as 7 all see the exact same NT form of driver. You can find that in the "C:\Windows\System32\" folder on each of the versions.

The AVG log shows that the file was found corrupted not infected by or being a malware where the reformat of the drive and recovery clean install would see the fresh copy of that as well as every other main file go back on. This is why the other programs failed to detect it being a normal system file you would expect to see.

I bet you are running better now however. As far as av programs it's always best as elstupido pointed out to have only one on at a time due to the often seen software clashes. Most installers will automatically prompt on seeing another program removed first before the install will continue.

Stop the process in Task Manager, then un-install IObit\Advanced SystemCare

I had the Advanced System Care on here for a bit along with the free edition of AVG a couple of years back and never had any real problems. But the mesh even in compatibiliy mode of all the programs conbined isn't good.

This is one reason I went with a newer program(VIPRE Internet Security 2012 presently on) someone recommended and found it covers more then several combined! The ASC program wasn't even on the retail 7 but had been on Vista along with AVG at the time and later while running the 7 beta builds.

If the log from the scan was seen before you used the recovery option it wouldn't matter now since AVG was pointing at a corrupted file. If still seeing the same the recovery may not have been as full leaving the driver file needing replacement if other problems are appearing.

Between a run of the System File Checker using the sfc /scannow command at the Start>Run command line while having the 7 disk in the drive and even booting live for the Repair tools to run the Startup repair tool may see the file replaced for you if you are running into start up problems.