REGEDIT/HKCU: While unlinking 2 User folders, found something VERY odd

[FishmanTx]

REGEDIT/HKCU: While unlinking 2 User folders, found something VERY odd! Initially, was attempting to "un-crosslink" a duplicate User documents folder (delete file in one, deletes files in both) and found unusual ASCii characters and what appears as chinese pictogram. Now, I'm NOT new to regedit by any stretch and bought my first computer in 1983 (Sinclair Z-80), so I've been at this a long time, from Win 2.0 through 10. That said, I'm a power user, but no expert. Now, it is possible these are legit BUT let me say that in all the years doing this I've NEVER seen them in the User segment of the registry, in device and driver entries, yes, but never here.
Opinions?? Photo attached...

 

[file3456]

Just a guess, but it may be related to a Chinese made program you installed. That program may or may not still exist. The other possibility is that you have a rootkit or some malware. Check out TDssKilller and Herdprotect portable. I'd run them in safe mode. Herdprotect will have to be run in safe mode with networking.

https://usa.kaspersky.com/downloads/tdsskiller

https://www.softpedia.com/get/PORTABLE-SOFTWARE/Antivirus---Antispyware/Portable-herdProtect.shtml

What does it say in the software and uninstall folder?

 

[file3456]

Another thought. The symbols in that key may be symbols because Windows can't ID the character type used.

Go to the first key there with the two Chinese characters and export, zip and upload here. I'd like to have a look.

 

[torchwood]

Hi

the Default, (x2) user reg entries are also not presesnt, or you've over-ridden/renamed them.

might be usefull to run FRST, as it lists users and reg entries.

Download Farbar Recovery Scan Tool


Roy