I have several clients that are generating several informational Tamper protect messages. However the processes are like Adoe Flash and IEXPLORE.EXE. The security scans seem fine, no viruses and such, but I dont think a Tamper exception is appropriate for these processes.
Any thoughts on if this is normal chatter and/or an issue. The end users are complaining about slowness and blue screens..Im removijg variables in my troubleshooting. An example of the event id log below
Scan type: Tamper Protection Scan
Event: Tamper Protection Detection
Security risk detected: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
File: C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105
Location: C:\ProgramData\Symantec\Symantec Endpoint Protection
Computer: ISXXXXX
User: XXXX
Action taken: Access denied