A leftover entry in the operating system is requesting a restart.
An untrusted application on the endpoint is continuously interacting with a system load point, and SEP decides that it needs to aggressively scan on the next restart. Therefore it enables aggressive boot time protection.
Symantec is aware of this issue and is investigating.
This issue can have multiple solutions, depending on the scenario. Symantec recommends that you follow the solutions in order.
In Windows Explorer, browse to the location of the application that is causing the restart prompt.
Right-click on [applicationname.exe], and choose Symantec Endpoint Protection > File Insight.
On the right side, click "Trust Now."
Restart the computer and confirm that the issue is resolved. If the issue persists, or for Scenarios 2 and 3, proceed to the next section.
Scenarios 2 and 3
On the affected machine, log in locally with an administrator account.