Today i had a strange problem regarding a HP Software installation. The client had Symantec Endpoint Protection 12.1 installed.

The windows event log had the following entry:

SYMANTEC TAMPER PROTECTION ALERT 
Target: C:Program FilesSymantecSymantec Endpoint Protection12.1.671.4971.105BinccSvcHst.exe 
Event Info: Open Process 
ActionTaken: Blocked 
Actor Process: C:HP_LJM2727_FULL_SOLUTION_AM_EMEA1SETUPHPZSHL01.EXE (PID 4192) 
Time: Sonntag, 11. März 2012 16:47:26 

So the Tamper protection blocked the installation of the HP software.

To fix this you can adapt the 'Exeception Policy' and add an entry for the installation folder of the HP Software. Another way would be to disable tamper protection till the installation is done (remember to update the policy or wait for the policy to be updated)