C:\WINDOWS\System32\ikhcore.log

After running full system scans using my 3 different malware programs (PC Tools Spyware Doctor, Webroot Spy Sweeper, and Spybot Search and Destroy) with no problems found, I ran HijackThis with log and found NO suspicious entries (I am quite familiar with the process and file entries)...But on defragging drive C, one file remained fragmented...The file as titled above...Is this a left-over from a keylogger-and-dialer that may have been removed in an earlier malware scan? --or-- Is it a legitimate log file for a known legitimate program?...If the former I'd like to remove it.

TIA

Bruce

 

chaslang...

Thanks for your reply...To answer your questions, Yes the file can be moved and yes it can be renamed...I did open it in Notepad before I posted my first inquiry but I didn't understand what was being logged...It seems to log some process activity and service descripter table entires, kernels loaded included Security Kernel Started, system call manager verifying system call, NtCreateKey, NtDeleteKeyValue, NtCreateProcessEx (real:memory=805a4516:baf6056e), etc...These entries and others in slightly different content are repeated over and over, again.

I'm beginning to think it is an internal log for my anti-virus program (MacAfee) or one of my anti-spyware programs as named in my first posting.

A Google search shows some forum postings (mostly in German or other-than English languages) that would suggest others have questioned its relevance to malware...I don't really know insofar as the English translations are somewhat cryptic so I can't really understand what the substance of the discussions are...Perhaps its a harmless log as I don't have any functional problems with my computer's performance at the moment...I hope so.


Bruce