I have two machines using NIS2010 at the moment, both running Windows 7.  I have a bunch of messages in my history for "Unauthorized Access Logged".  Here is the full message:

Severity:  Medium

Activity:  Unauthorized access logged (Access Process Data)

Recommended Action:  No Action Required

Under Advanced Details:

 Actor: C:\WINDOWS\SYSTEM32\CONHOST.EXE

Target:  \Device\Harddisk\ProgramFiles (x86)\Norton Online\AddOns\Norton Safety Minder\Engine\1.1.5.15\TampMon.exe

Conhost.exe is a new binary with Windows 7, so my hope / guess is its a false positive?  Anyone else experience this thus far?

EDIT:  I should note that NIS2010 is not throwing an alert for these, they are just in the History, and appear sporadically (1-2 times an hour though).