To resolve a "Pending Restart" message during installation, restart the computer, which typically clears the information in the "PendingFileRenameOperations" registry key.

Registry Location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager

Name: PendingFileRenameOperations

If this value exists, and you double-click on it, you can see which items it is pending a reboot.  Make note of these values and after a reboot they should clear.

    
Various Windows drivers from Windows or third-party could be included here.

To prevent this error from occurring in the future, immediately restart the computer after you install an application or driver.

If the error persists after you restart the computer, follow these steps:

Open the Windows Registry using regedit.exe.

Search for the entry "PendingFileRenameOperations" in:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\KeysNotToRestore

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager

If you find the entry, first back up each key, and then delete the entry in each key.

Search for the RebootRequired key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired

If you find the key, first back up the key, and then remove the key.

Then reboot your  machine. 

Pending Reboot Detection

It is recommended that systems be rebooted if other installations of either third-party applications or Windows updates have been applied and a pending reboot status is detected.  Starting with Symantec Endpoint Encryption 11.2.1, this reboot check is handled automatically. If a pending reboot is present, the SEE client install will halt, and the MSIEXEC error code will list the following reason:

"1602 - The user cancels installation"

A pending reboot check will halt the install for the following three reasons:

1. Reboot pending after Windows updates.
2. Reboot pending due to SEE Installs
3. Reboot pending due to other third-party installs

In order to force installing the SEE client even though there could be pending reboots, an optional MSIEXEC parameter can be used. This feature works only on SEE 11.2.1 and above and is not recommended by Symantec unless the system has been rebooted, but still fails (sometimes 3rd party applications produce a pending reboot scenario, but can't be cleared, and these are typically less critical.  Windows OS updates require a reboot, and are critical so we do not recommend turning this off post Windows updates):
PRE_INSTALL_REBOOT_CHECK=NO

If you would like to install and bypass this "Pending Reboot" check, run the following installation option:

msiexec /i SEEClientInstaller.msi /l*vx c:\path-of-log-file\SEEInstall-PR-Bypassed-log.txt PRE_INSTALL_REBOOT_CHECK=NO

An Example of the command: 

The above will also create a log file called "SEEInstall-PR-Bypassed-log.txt" which can be reviewed for installation details.

Important Note: If you have failed installs, the error code for failed installs will use the generic "1603".  In order to differentiate between general install failures, and install failures due to a pending reboot scenario, we have a

Symantec Development has created an additional script that can be used to detect if the failed install was due to a pending reboot.  

In order to obtain information on this, please contact support.

Historical Reference Notes:

Symantec Endpoint Encryption 11.2.0 are considered EOL\EOS and should no longer be used.  Upgrade to Symantec Endpoint Encryption 11.3.1 and above.  As of this writing, version 11.4.1 MP1 is the latest.  The information below is provided for historical reference.  Using the newer versions is the best solution for this.

Symantec Endpoint Encryption 11.2.0 included an optional MSIEXEC parameter, which can be added to the install string, which will halt the install if a system is pending a reboot. To add this check, add the following to the MSIEXEC command:
PRE_INSTALL_REBOOT_CHECK=YES

Adding the above will halt the install if a system must first be rebooted due to a previous installation such as a Windows update, or other third-party install that requires a reboot. It is always best to reboot a system to clear out this pending state for best success during an upgrade.

For more information on Best Practices and Debugging Symantec Endpoint Encryption, see the following articles:

161042 - Enabling Logging and Debug Logging in Endpoint Encryption 11

153530 - Best Practices: Symantec Endpoint Encryption and Symantec Drive Encryption