SUSPICIOUS items in LOGS

Avast Free Antivirus / Premium Security
1

please have a look at below

these are the logs of last packages generated LOGS in behaviour file

i am worried about the MODIFY bit in my registry. does that mean some one is hacking into my computer to do that?

is all this ok
please advise

  • Started on: Thursday, June 14, 2012 4:06:16 PM

14/06/2012 21:15:27 Modification of: \REGISTRY\MACHINE\System\CurrentControlSet\Services\wuauserv\Type
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
Via: C:\WINDOWS\system32\services.exe
→ Action allowed
14/06/2012 21:16:01 Modification of: \REGISTRY\USER\S-1-5-21-2052111302-1960408961-682003330-1003\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
Via: C:\Program Files\Internet Explorer\IEXPLORE.EXE
→ Action allowed
14/06/2012 21:16:52 Modification of: \Registry\Machine\System\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
Via: C:\WINDOWS\system32\regsvr32.exe
→ Action allowed
14/06/2012 21:28:52 Modification of: \REGISTRY\USER\S-1-5-21-2052111302-1960408961-682003330-1003\Software\Microsoft\Internet Explorer\Main\FullScreen
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
Via: C:\Program Files\Internet Explorer\IEXPLORE.EXE
→ Action allowed
*

  • avast! Real-time Shield Scan Report

  • This file is generated automatically

  • Started on: Friday, June 15, 2012 7:47:16 AM

  • avast! Real-time Shield Scan Report

  • This file is generated automatically

  • Started on: Friday, June 15, 2012 12:06:35 PM

  • avast! Real-time Shield Scan Report

  • This file is generated automatically

  • Started on: 16 June 2012 07:52:11

16/06/2012 10:00:47 Modification of: \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
By: C:\WINDOWS\Installer\MSI48.tmp
Via: C:\WINDOWS\system32\MsiExec.exe
→ Action allowed
*

  • avast! Real-time Shield Scan Report
  • This file is generated automatically
2

hey if you suspect something malware related please fallow this guide and post the logs here. then a malware guide will guide from there.

http://forum.avast.com/index.php?topic=53253.0

good luck and welcome to the forum.