I've seen a number of threads about services.exe triggering this response, but not these.  The one that got my attention was PGPTRAY, but looking at the logs, I find more, which I'll list here.

These are are logged as blocked, not merely logged.

I need to know why this is occurring with these innocent items and what, if anything, should be done about it.

Below is the set of blocks, less one for services.exe which is extensively discussed elsewhere.

PGPTRAY.EXE is the tray applet for PGP Desktop.
TEATIMER.EXE is part of the package Spybot Search & Destroy.
CTFMON.EXE is part of Windows.  I believe this one is benign.

HANDLE.EXE from the Sysinternals suite is listed. Sysinternals tools are by nature involved deeper into the system than is typical for users.  I need to know how to use those tools without incurring the wrath of NAV.  I don't see anywhere to add exclusions for them.

The listing is extracted from the exported CSV version of the log.

Thanks for any help.

11/11/2010 12:27 PM
Medium
Unauthorized access blocked (Duplicate Object)
Blocked
No Action Required
"Thursday November 11 2010 12:27 PM"
P:\PROGRAM FILES\PGP CORPORATION\PGP DESKTOP\PGPTRAY.EXE
3648
\Device\HarddiskVolume35\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
2424
Duplicate Object
Unauthorized access blocked

11/11/2010 9:51 AM
Medium
Unauthorized access blocked (Create Registry Key)
Blocked
No Action Required
"Thursday November 11 2010 9:51 AM"
G:\PROGRAM_FILES\SPYBOT_S_AND_D\TEATIMER.EXE
3156
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\"
0
Create Registry Key
Unauthorized access blocked

11/11/2010 12:19 AM
Medium
Unauthorized access blocked (Open Process Token)
Blocked
No Action Required
"Thursday November 11 2010 12:19 AM"
P:\WINDOWS\SYSTEM32\CTFMON.EXE
768
P:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
2428
Open Process Token
Unauthorized access blocked

11/10/2010 11:57 PM
Medium
Unauthorized access blocked (Duplicate Object)
Blocked
No Action Required
"Wednesday November 10 2010 11:57 PM"
C:\SYSINTERNALS\OLD\HANDLE\HANDLE.EXE
2228
\Device\HarddiskVolume35\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
736
Duplicate Object
Unauthorized access blocked

Hi RHSimard,

These are Norton Product Tamper Protection entries.  Processes running on your PC are prevented from interfering with Norton files and processes to keep your protection from being subverted.  The blocking only relates to accessing Norton processes and does not prevent the outside programs from otherwise running normally.  Entries in Norton History used to differentiate between events that were logged and those that were blocked, but this was changed recently so that these types of events are now only shown as "blocked."  Most Norton users see a wide variety of actors in the NPTP logs, so as long as you recognize that the programs are not malicious there is no threat to the PC, and the programs themselves should function unimpeded.

As a side note, it is usually advised to disable TeaTimer in Spybot, as it runs in real time and can block changes to the registry that may be necessary for Norton to make.  It appears, for example, that in one of your entries TeaTimer might have been interfering with one of the Norton add-ons in Internet Explorer, which could possibly relate to Antiphishing or IPS.