Today i had a strange problem regarding a HP Software installation. The client had Symantec Endpoint Protection 12.1 installed.
The windows event log had the following entry:
SYMANTEC TAMPER PROTECTION ALERT
Target: C:Program FilesSymantecSymantec Endpoint Protection12.1.671.4971.105BinccSvcHst.exe
Event Info: Open Process
Actor Process: C:HP_LJM2727_FULL_SOLUTION_AM_EMEA1SETUPHPZSHL01.EXE (PID 4192)
Time: Sonntag, 11. März 2012 16:47:26
So the Tamper protection blocked the installation of the HP software.
To fix this you can adapt the 'Exeception Policy' and add an entry for the installation folder of the HP Software. Another way would be to disable tamper protection till the installation is done (remember to update the policy or wait for the policy to be updated)