WindowsXP-Shell32.dll Taking Screenshots-Normal?

Hello All Recently a dedicated anti-keylogger program (recommended at spywarewarrior) told me "C:\Windows\System32\Shell32.dll" was taking screenshots when I told the PC to shut down. It wants to know if I should Allow or Disallow this? So do I , lol.

Can anyone tell me if this is normal behaviour for this .dll and if so, what purpose does this serve?

All Replies Much Appreciated!
N/O

My PC Specs:
(please no snickering)
Field Value
Computer
Operating System Microsoft Windows XP Home Edition
OS Service Pack Service Pack 2
DirectX 4.09.00.0904 (DirectX 9.0c)
Computer Name YOUR-7008FFA13B (Cynthia's Computer)
User Name Compaq_Owner

Motherboard
CPU Type Intel Celeron D 330, 2666 MHz (20 x 133)
Motherboard Name MSI Gamila/Giovani/Neon Series
Motherboard Chipset Intel Brookdale-G i845GEV
System Memory 503 MB (DDR SDRAM)
BIOS Type Award (08/05/04)
Communication Port Communications Port (COM1)
Communication Port ECP Printer Port (LPT1)

Display
Video Adapter Intel(R) 82845G/GL/GE/PE/GV Graphics Controller (64 MB)
3D Accelerator Intel Extreme Graphics
Monitor Proview 777(N) / 786(N) [17" CRT] (FAUL48020072C)

Multimedia
Audio Adapter Intel 82801DB ICH4 - AC'97 Audio Controller [B-0]

Storage
IDE Controller Intel(R) 82801DB Ultra ATA Storage Controller - 24CB
Disk Drive WDC WD800BB-22JHA0 (74 GB, IDE)
Disk Drive Generic USB SD Reader USB Device
Disk Drive Generic USB CF Reader USB Device
Disk Drive Generic USB SM Reader USB Device
Disk Drive Generic USB MS Reader USB Device
Optical Drive HL-DT-ST RW/DVD GCC-4481B (DVD:16x, CD:48x/32x/48x DVD-ROM/CD-RW)
SMART Hard Disks Status OK

Partitions
C: (NTFS) 71532 MB (39462 MB free)
D: (FAT32) 4767 MB (834 MB free)
Total Size 74.5 GB (39.4 GB free)

Input
Keyboard Compaq PS2 Keyboard (2K - 3)
Mouse PS/2 Compatible Mouse

Network
Network Adapter Realtek RTL8139/810x Family Fast Ethernet NIC (24.226.40.102)
Modem Agere Systems PCI Soft Modem

Peripherals
Printer Broderbund PDF Converter 2.10d
Printer Fax
Printer hp psc 1300 series
USB1 Controller Intel 82801DB ICH4 - USB Controller [B-0]
USB1 Controller Intel 82801DB ICH4 - USB Controller [B-0]
USB1 Controller Intel 82801DB ICH4 - USB Controller [B-0]
USB2 Controller Intel 82801DB ICH4 - Enhanced USB2 Controller [B-0]
USB Device American Power Conversion USB UPS
USB Device USB Mass Storage Device
Battery APC Battery BackUP

 

I've never heard of this before (perhaps someone else has)

What is the name of this 'dedicated anti-keylogger program' ?

As far as I remember GDI would be used if taking screenshots, unless a function in shell32 is invoking GDI.

Whats the exact message ? does the program have a support forum ?

 

Thanks for the quick response M/C. The program is Anti-Keylogger Elite found at www.remove-keyloggers.com/ . No support forum, just e-mail/ticket support. The exact message it gives me, when I click Turn Off Computer from the Start Button, is:

Anti-Keylogger Elite (window title)
C:\Windows\System32\Shell32.dll is trying to install Windows Hook and has been blocked. This program is trying to take screenshots of your computer. This module has a MS Certificate.
Allow? Disallow?

Should I just allow it because it has a 'MS Certificate'?
Guess I just don't understand why it needs to take a screenshot..

(BTW, I went with this particular program (trial) because it offers a secure keyboard to use for internet shopping transactions and other sensitives which it claims protects you from kernel based key-loggers and I couldn't find another recommended program which specified protection from both hook and kernel based loggers...)

Appreciate the Feedback,
NyteOwl