Symantec Documend ID 2009022412404548 (see the link in the Links section) describes how to create exceptions or exclusions for tamper protection alerts that have already been logged.
This event is recorded when the antivirus "thinks" someone is trying to attack it. See Symantec Document IDs 313888, 288444, and 300375 for some examples.
I had more than 50 of these messages per second in my event log. I had no third party spy or ad removal software installed (Symantec suggested this might be the problem). For me, it was the Lenovo ThinkPad. After uninstalling the ThinkVantage Away Manager program, the problem was solved.
Symantec is investigating this problem to determine a solution. To work around the problem, exclude the Symantec processes from SMS or disable Tamper Protection.
To exclude the processes from SMS, create a text file named Skpswi.dat and place copies of it in the \Program Files\Symantec Antivirus and \Program Files\Common Files\Symantec Shared folders. The System Management Service (SMS) tries to access the Symantec processes as they start, first checking owner and version and then monitoring the process as it runs. SMS logs process activity in the file C:\WINDOWS\system32\CCM\Logs\mtrmgr.log. SMS will not scan any folder tree that contains a Skpswi.dat file.
To disable Tamper Protection:
1. Start Symantec AntiVirus.
2. On the Configure menu, click Tamper Protection.
3. Uncheck Enable Tamper Protection.
4. Click OK.