I keep getting messages that read, "Unauthorized Access Logged- Medium risk.

The actors are either..

C:windows\system32\conhost.exe

or

C:windows\system32\services.ext

AND...

The Target is always...

\device\hardiskvolume2\programfiles(x86)\symantec\nortononlinebackup\activation\nobuactivation.exe or

\device\hardiskvolume2\programfiles (x86)\Norton Internet Security \Engine\17.5.0.127\cltlmh.exe

it always reads...

No Action Required on both of these targets... and some say Terminal Session: 1

Whats going on here? Malware Bytes is up to date and finding nothing...