
Why am I now suddenly seeing these?

Updated: 21 May 2010 | 4 comments
ShadowsPapa

These servers have existed for months. The protection has been installed for months.
They are SPS and SQL servers running Symantec protection for sharepoint services, and have been for months.
There have been no changes in policies for months.
I have a centralized exception for the program files...................\scan engine\temp etc folder and have had for MONTHS.
But suddenly this week, I am seeing these:

=================================================

Domain name: IVRS-SEP1
Site name: IVRS-SEP01
API:
Action: Allow
Test mode: No
Windows domain: VRNTDOM1
User: SYSTEM
Server name: VRDSMSEP1
Group name: My Company\Servers
Computer Name
  Current: vrdevsql2
  When event occurred: VRDEVSQL2
Event type: Tamper Protection
Event time: 11/10/2009 03:09:37
Severity: Major
Begin time: 11/10/2009 03:09:37
End time: 11/10/2009 03:09:37
Rule name:
Alert: Yes
Send SNMP trap:
Caller Process ID: 7176
Caller Process Name: C:/Program Files/Symantec/Scan Engine/symcscan.exe
Target: C:/Program Files/Symantec/Scan Engine/definitions/AntiVirus/tmpIncoming/symrapidreleasedefsi32.exe
User name: SYSTEM
Description: "C:\Program Files\Symantec\Scan Engine\definitions\AntiVirus\tmpIncoming\symrapidreleasedefsi32.exe"

----------------------------------------------------------------------------------------------------------------------

Domain name: IVRS-SEP1
Site name: IVRS-SEP01
API:
Action: Allow
Test mode: No
Windows domain: VRNTDOM1
User: SYSTEM
Server name: VRDSMSEP1
Group name: My Company\Servers
Computer Name
  Current: vrdevsql2
  When event occurred: VRDEVSQL2
Event type: Tamper Protection
Event time: 11/10/2009 03:09:37
Severity: Major
Begin time: 11/10/2009 03:09:37
End time: 11/10/2009 03:09:37
Rule name:
Alert: Yes
Send SNMP trap:
Caller Process ID: 7176
Caller Process Name: C:/Program Files/Symantec/Scan Engine/symcscan.exe
Target: C:/Program Files/Symantec/Scan Engine/temp/.symcscantmp.ED160690462ED7F01A02329936CA5618/RarSFX3/updat32.exe
User name: SYSTEM
Description: "C:\Program Files\Symantec\Scan Engine\temp\.symcscantmp.ED160690462ED7F01A02329936CA5618\RarSFX3\updat32.exe"

Comments

chris_delay, 10 Nov 2009

Sounds like a whitelist issue

Tamper protection works, at least partially, off whitelisting.  Symantec maintains a list of files that tamper protection should ignore.

Tamper protection does what it says...it's designed to watch for something trying to tamper with Symantec processes and kill it.  It doesn't discriminate...if something messes with our processes, it jumps on it.  Built into the product, however, is a whitelist check, and if something is whitelisted, it's allowed to go.  An example of this would be LiveUpdate...LU goes after the virus definitions when it updates (as it obviously should).  Tamper protection sees this...but LU is on the whitelist, so it's allowed.

We've seen issues like this in the past where something wasn't whitelisted and tamper protection alerts started happening.  Heck, I've seen tamper protection alerts happen on uninstall via Add/Remove Programs before.

I recommend that you contact support so that we can open up a case with development to get this examined.
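As an added example (not code from this thread, and not a Symantec tool), here is a small Python triage script for Tamper Protection records in the layout pasted in the original post and for the whitelist behaviour described in the comment above. It parses the SEPM paste format (label line, blank line, value line, or "Label: value" on one line), then sorts each event into "a Symantec component touching its own install tree" (the allow-list case the comment describes, where the caller is symcscan.exe and the target is under Scan Engine) versus "another process touching the Symantec tree", which is what Tamper Protection is really there to catch. The install root and the third sample record with a made-up caller are assumptions; the first two records reuse the paths from the post.

```python
"""Parse SEP Tamper Protection events pasted from the SEPM console and sort
them into "Symantec component touching its own files" (candidate whitelist
gap, as discussed in the thread) versus "foreign process touching Symantec
files" (worth a look). Added example; not Symantec's code."""
import re
from collections import Counter
from pathlib import PureWindowsPath

# Labels that SEPM prints without a trailing colon in the pasted layout.
BARE_LABELS = {"User", "Computer Name"}
SEPARATOR_RE = re.compile(r"^[-=]{5,}$")

# Assumption: default install root that Symantec's own components write under.
SYMANTEC_ROOT = PureWindowsPath("C:/Program Files/Symantec")

# Constructed sample: the two records from the post, trimmed to the fields that
# matter, plus one made-up record whose caller is not a Symantec binary.
SAMPLE_EVENTS = """\
Event type:

Tamper Protection

Action:

Allow

User

SYSTEM

Caller Process ID:

7176

Caller Process Name:

C:/Program Files/Symantec/Scan Engine/symcscan.exe

Target:

C:/Program Files/Symantec/Scan Engine/definitions/AntiVirus/tmpIncoming/symrapidreleasedefsi32.exe

------------------------------------------------------------
Event type: Tamper Protection
Action: Allow
Caller Process ID: 7176
Caller Process Name: C:/Program Files/Symantec/Scan Engine/symcscan.exe
Target: C:/Program Files/Symantec/Scan Engine/temp/.symcscantmp.ED160690462ED7F01A02329936CA5618/RarSFX3/updat32.exe
------------------------------------------------------------
Event type: Tamper Protection
Action: Block
Caller Process ID: 4242
Caller Process Name: C:/Users/Public/unknown_tool.exe
Target: C:/Program Files/Symantec/Scan Engine/symcscan.exe
"""


def parse_events(text):
    """Split pasted SEPM event text into a list of {label: value} dicts."""
    records, current, pending = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SEPARATOR_RE.match(line):
            if pending is not None:
                current.setdefault(pending, "")
            if current:
                records.append(current)
            current, pending = {}, None
        elif line.endswith(":") or line in BARE_LABELS:
            # A label directly after another label means the earlier one was empty.
            if pending is not None:
                current.setdefault(pending, "")
            pending = line.rstrip(":")
        elif pending is None and ": " in line:
            key, value = line.split(": ", 1)  # one-line "Label: value" layout
            current[key] = value
        elif pending is not None:
            current[pending] = line  # value line for the label above it
            pending = None
    if pending is not None:
        current.setdefault(pending, "")
    if current:
        records.append(current)
    return records


def is_under(path_str, root):
    """True if path_str lies inside root (case-insensitive, slash-agnostic)."""
    if not path_str:
        return False
    try:
        PureWindowsPath(path_str).relative_to(root)
        return True
    except ValueError:
        return False


def triage(event):
    caller = event.get("Caller Process Name", "")
    target = event.get("Target", "")
    if is_under(caller, SYMANTEC_ROOT) and is_under(target, SYMANTEC_ROOT):
        return "symantec-self-update"        # likely whitelist gap, not an attack
    if is_under(target, SYMANTEC_ROOT):
        return "foreign-caller-investigate"  # something else touched Symantec files
    return "unclassified"


def summarize(text):
    """Return (verdict counts, rows of (caller name, target, action, verdict))."""
    rows = []
    for ev in parse_events(text):
        caller = PureWindowsPath(ev.get("Caller Process Name", "")).name
        rows.append((caller, ev.get("Target", ""), ev.get("Action", ""), triage(ev)))
    return Counter(r[3] for r in rows), rows


if __name__ == "__main__":
    counts, rows = summarize(SAMPLE_EVENTS)
    for caller, target, action, verdict in rows:
        print(f"{verdict:28} {action:6} {caller} -> {target}")
    print(dict(counts))
```

Run against a larger paste, the counts tell you quickly whether a burst of Tamper Protection alerts is one Symantec component updating itself (as in this thread) or a process outside the install tree, and the latter rows are the ones to raise with the server owner.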

ShadowsPapa, 10 Nov 2009

I've got a list of roughly 6

I've got a list of roughly 6 items that need to be addressed, I guess I could spend all week on the phone...........
We have this issue, we've got performance issues, we've got SEP blocking GHOSTING, I could go on and on...........
I think we need someone on-site!
Well, I'll add this to the list of things too complex for now and that I need to call about..............when I get time to spend on the phone.
I'm not really joking - it's sort of funny, and sort of not. We've a HUGE list of "cases to open" and no one has time to sit and do them.
For now, sorry, but no offense, this is so minor, I don't have time to mess with it as long as I suspect it's a simple matter of Symantec broke the white list.
This just happened this week, was fine last week and for all the months before.
This is an annoyance, but we have a lot of broken stuff that's preventing folks from working I need to deal with first.
At least thanks for the tip and possible explanation!
(I can't subscribe to any threads or messages any more, so I guess I was lucky to see your response! - see, no options to subscribe)

[image: subscriptions.jpg]

chris_delay, 10 Nov 2009

Perhaps your Sales Engineer can help?

I've heard about SEs going on-site to customer locations to help out with issues.  Granted, I'm not in that division, and I can't speak for someone else, but you might want to ping your sales person to see what they could do to help.

ShadowsPapa, 10 Nov 2009

I have to wonder - I do have

I have to wonder - I do have a list - some items have been shelved for months. Some are minor, some not.
The product is great, however, we're being overwhelmed................. problems big and small, each needing to be addressed, and now - NO training money, no travel money, no new hires, and in fact, all temps and contractors gone by the end of the month, leaving us short 2 more people!
OK, pad this thread like a rubber room - I'm ready for it! LOL
OH - we lose our state retirement contributions for the next 7 months and have to take 5 unpaid days off between now and next June 30. That'll help out the time we have to solve issues!

Time to get back to figuring out SEP blocking GHOST..............
BTW - another successful Windows 7 install here with no issues. Whew.
Thanks to you online guys and gals and all you do.