The Symantec keys were in HKCU\Software\Symantec and HKCU\Software\Software\Symantec. They both gave "access denied" messages, even when in Safe Mode in the administrator profile, though the administrator had full permissions.
Even running the Norton Remove tool in Safe Mode had no effect on the keys. The reason I believe is because they both had subraches, to Common, Systemworks, and Norton Utilities, and those sub-branches were corrupted. I was unable to even see the values.
In the end, I ran SubInACL, a tool in the Windows Resource Kit to reset file and registry ACLs caused by incorrect access control list (ACL) permissions on some registry hives. I followed the instructions indicated here (
http://blogs.msdn.com/astebner/archive/2006/09/04/739820.aspx) to create the following reset command that I then ran from a command prompt:
cd /d "%programfiles%\Windows Resource Kits\Tools"
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f /grant=restricted=r /grant=%USERNAME%=f /setowner=administrators
subinacl /keyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f /grant=restricted=r /grant=%USERNAME%=f /setowner=administrators
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f /grant=users=r /grant=everyone=r /grant=restricted=r /setowner=administrators
subinacl /keyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f /grant=users=r /grant=everyone=r /grant=restricted=r /setowner=administrators
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f /grant=users=r /setowner=administrators
subinacl /keyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f /grant=users=r /setowner=administrators
subinacl /subdirectories %SystemDrive% /grant=administrators=f /grant=system=f /grant=users=e
subinacl /subdirectories %windir%\*.* /grant=administrators=f /grant=system=f /grant=users=e
And it then allowed me to delete these keys as administrator. Then I re-ran the Norton Removal tool from Safe Mode just to be sure.
Although changing the permissions on the local hive while running as adminstrator fixed Avast to run as a limited user, I'm still tempted to uninstall Avast (from Safe Mode with self-protection turned off), rebooting, using the Remove Tool, rebooting, and re-installing again to see if it then installs correctly without my having to make any changes. That would confirm that it was a registry issue that prevented the proper install.
You may want to note these steps in case someone else has Avast install problems due to a permission issue. From what I read on the SubInACL thread, denied permission is not that uncommon and often prevents software from installing properly.