Adobe ARM is the Adobe Reader Manager. ARM is the update manager for Adobe Reader that automatically opens on Windows start-up. This program notifies you of updates and downloads to keep you software up to date. It is not uncommon for this process to trigger a Symantec Tamper Protection Alert similar to the following:
Currently, we have seen this alert only on Windows machines using SEP 12. Specifically, Windows XP, and Windows 7 have popped these up. Over a short amount of time, these can become a little annoying, so I am including some instructions on how to add a Symantec Program Exception to ignore the AdobeARM.exe alerts.
First, open up Symantec Endpoint Protection from your start menu. You will soon see a screen that looks like the following. From here, click on the ‘Change Settings’ item on the left hand side. Now choose the ‘Configure Settings’ button in the ‘Exceptions’ area:
From here you will be shown a list of your current exceptions (probably empty at first – the following screen shot shows the screen after adding the exception). You will now click on the ‘Add’ button and choose ‘Program Exception’ from the drop down list.
You will need to now browse to the location of the AdobeARM.exe program. This is usually located in the following location, although you will want to confirm this from the original Tamper Protection Alert.
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Once you browse and select that file you will click on the ‘OK’ button.
You have now added this exception and Symantec should not longer complain. Let us know if there are any additional details you learn or if this alert shows up on a previously unreported platform. Enjoy!