please have a look at below
these are the logs of last packages generated LOGS in behaviour file
i am worried about the MODIFY bit in my registry. does that mean some one is hacking into my computer to do that?
is all this ok
please advise
* Started on: Thursday, June 14, 2012 4:06:16 PM
*
14/06/2012 21:15:27 Modification of: \REGISTRY\MACHINE\System\CurrentControlSet\Services\wuauserv\Type
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
Via: C:\WINDOWS\system32\services.exe
-> Action allowed
14/06/2012 21:16:01 Modification of: \REGISTRY\USER\S-1-5-21-2052111302-1960408961-682003330-1003\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
Via: C:\Program Files\Internet Explorer\IEXPLORE.EXE
-> Action allowed
14/06/2012 21:16:52 Modification of: \Registry\Machine\System\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
Via: C:\WINDOWS\system32\regsvr32.exe
-> Action allowed
14/06/2012 21:28:52 Modification of: \REGISTRY\USER\S-1-5-21-2052111302-1960408961-682003330-1003\Software\Microsoft\Internet Explorer\Main\FullScreen
By: C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
Via: C:\Program Files\Internet Explorer\IEXPLORE.EXE
-> Action allowed
*
* avast! Real-time Shield Scan Report
* This file is generated automatically
*
* Started on: Friday, June 15, 2012 7:47:16 AM
*
*
* avast! Real-time Shield Scan Report
* This file is generated automatically
*
* Started on: Friday, June 15, 2012 12:06:35 PM
*
*
* avast! Real-time Shield Scan Report
* This file is generated automatically
*
* Started on: 16 June 2012 07:52:11
*
16/06/2012 10:00:47 Modification of: \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
By: C:\WINDOWS\Installer\MSI48.tmp
Via: C:\WINDOWS\system32\MsiExec.exe
-> Action allowed
*
* avast! Real-time Shield Scan Report
* This file is generated automatically