Tamper protection is protecting symantec processes from other services / process from tampering.
Most of the times it would be viruses which tries to disable AV so that its job becomes easier.
However even legitimate programs too generate this tamper protection alert.
When you get the tamper protection alert you should check the Actor process, that would tell you who is in conflict.
for ex: Actor Process: c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (PID 348)
which is a legitimate logitech process.
It detects uphclean.exe too
when two services trying to access same resourcess and one trying to close the thread of other process, I think this alert will be generated. if the programs is legitimate please create an exception.
I think the program is legitimate thats the reason why the scan returned nothing
Tamper Protection is detecting UPHClean.exe.
http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/2e9986d4443d81d7882574c8007e60ac?OpenDocument
How to configure Tamper Protection in Symantec Endpoint Protection 11.0
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092616550248?Open&seg=ent