I'm confused. I recently upgraded to version 1.4 and I get the following listing in the system startup portion of Spybot. These are new since upgrading to version 1.4:

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll


Here is my question: Various places on the web say that these files are harmful:

crypt32chain
winnotify.dll
senslogn

For examples, see www.liutilities.com and www.processlibrary.com

However, this Spybot forum says they are not harmful. For example, see this forum entry: http://forums.spybot.info/showthread.php?t=6710&highlight=crypt32chain
Can you explain the descrepancy? I am very concerned.

Thanks in advance.

Can I get a response please? I just received a warning message from my browser that a security certificate for my bank does not match correctly. The warning is that "someone may be trying to eavesdrop."

What is going on? Spybot says these files are safe; others says they are malicious, and now I'm getting keylogging messages. I would much appreciate Spybot providing some input here.

Hello

Can I get a response please?
I moved your topic to the Spybot-S&D forum from Malware removal because you had not followed the procedure for that forum and helpers might overlook your topic.

bitman describes the processes to another concerned member here:
http://forums.spybot.info/showthread.php?t=2314


The entries you've highlighted are normal for a Windows XP system, are related to the Windows 2000/XP WinLogon Event Handler Service and Spybot S&D 1.4 was the first version to display them. Malware that affect these entries do exist, but you don't appear to have any, so leave them alone.




I just received a warning message from my browser that a security certificate for my bank does not match correctly. The warning is that "someone may be trying to eavesdrop."

What is going on? Spybot says these files are safe; others says they are malicious, and now I'm getting keylogging messages. I would much appreciate Spybot providing some input here.

We should take a look at the System, please follow the procedure in this link:

"BEFORE you POST" -Preliminary Steps and scanning with SPYBOT-S&D (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the malware forum:

Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22)

Once you have posted, a helper will take a look at the logs as soon as available and give any further instructions necessary.

Regards. :)

Topic is here:
http://forums.spybot.info/showthread.php?t=8444