RegEdit Error "Cannot Find the File Specified" Accessing Key

Question

I have a corrupted install of Symantec Endpoint Protection on one of my Windows Server 2012R2 servers and I am trying to manually remove the software (following Symantec's guide). Two of the keys (HKLM\Software\Symantec\Symantec Endpoint Protection\CurrentVersion and HKLM\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion) I need to delete are giving me the following error as soon as I try and access either key:

CurrentVersion cannot be opened.
An error is preventing this key from being opened.
Details: The system cannot find the file specified.

I have tried removing it in safe mode. I have tried using the RegDelNull utility from SysInternals. I have tried deleting it from the command line (REG /DELETE) and I have tried deleting the parent key. None of these things worked. It is not a permission issue because if I try and go in to the permissions for this key I just get a red X and the message "The requested security information is either unavailable or can't be displayed."

How can I remove these keys?

Answer 1

I had a similar issue on my Windows 7 box. I eventually figured out that the key was a broken symbolic link. The built-in regedit tool does not seem to properly support these, and acts as described when trying to access such a key.

I managed to delete the broken symbolic link using https://github.com/tenox7/regln like this:

C:\Users\Zero3\Desktop>regln-x64.exe -d "\Registry\User\S-1-5-21-1688150413-3759
594893-2435602081-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extension
s\Approved"

You will need to adapt the path to your use case, of course.

(For reference, I noted that a similar issue was posted here: https://superuser.com/questions/1039043/impossible-to-remove-registry-key)