• Status: Solved
  • Priority: High
  • Security: Public
  • Views: 47
  • Last Modified:

Odd Registry entry

I've never seen this in the registry, the odd characters...is this okay?

Registry entry
Thanks,
Mags
0
Mags
Asked:
Mags
  • 24
  • 15
  • 6
  • +2
6 Solutions
 
it_saigeDeveloperCommented:
Those usually signify corrupted or malicious keys, you should be able to open them to see what they affect and remove them after you remove any dependencies (other keys and/or files).

-saige-
0
 
MagsOwnerAuthor Commented:
Thanks...I'll take a closer look and send another screen shot if necessary.
0
 
JohnBusiness Consultant (Owner)Commented:
On a North American or European Machine there should not be (apparently) Chinese registry entries.

Check them carefully and run Virus scans.

Is the same machine as you have been working on
1
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
MagsOwnerAuthor Commented:
This is what I see

Registry expand
0
 
JohnBusiness Consultant (Owner)Commented:
That is not Windows stuff at all
0
 
MagsOwnerAuthor Commented:
I've been running scans...Chrome was a issue with redirects. Resolving that now. Found this when I was going into Googles registry entries.
No...this is a different computer John...busy couple of days!
0
 
MagsOwnerAuthor Commented:
I have already backed up the Registry...shall I delete them?
0
 
JohnBusiness Consultant (Owner)Commented:
Look also in the Hosts file if you are getting redirected.

C:\windows\system32\drivers\etc
0
 
JohnBusiness Consultant (Owner)Commented:
Yes I would
0
 
MagsOwnerAuthor Commented:
I am also getting an error message when attempting to do a full uninstall of Google Chrome...thoughts?

Google Chrome error
1
 
it_saigeDeveloperCommented:
Most likely a rights issue, you can take ownership of the key (and children) in order to remove.

-saige-
0
 
McKnifeCommented:
Highlight each of the 3 "Chinese" keys and export them. Then upload these 3 files here for me to look at.
1
 
MagsOwnerAuthor Commented:
Tried, gave permission, still error and unable to delete.
1
 
MagsOwnerAuthor Commented:
Too late McKnife, I already deleted them. Restarted computer, no issue.
0
 
McKnifeCommented:
You must be joking :-|. Never delete something before exporting - 1st rule with regedit.
0
 
MagsOwnerAuthor Commented:
I already exported the entire registry (see my notation above), I thought that was a good preventative measure in case there was an issue.

Next?
1
 
McKnifeCommented:
Well, those keys can be seen in the exported registry. Open the backup in a good editor, for example notepad++, and search cache2, that will find these Chinese keys. Then copy the portions and paste them here.
0
 
MagsOwnerAuthor Commented:
Here you go McKnife. Thanks for your help

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㒐沂\cache2]
[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㙤㌹〲捥捦㌰㈱攱摤挷㑦㌹㑦㘹㈱〸ㅤ〵㠹㌲〱Գԅԅ䵌䵅0\cache2]
[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\湩楬敮※楦敬慮敭㌽㔵〰ㅤ㜰㔷㜱摢ち㤲挲㥢愰㠸㠳㐲⸸灪g瑬㌀戱e\cache2]
[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\滀᪏ⶈ᪛뺠⟢O\cache2]
1
 
McKnifeCommented:
What have we won if you list the names of the keys that we already know? Nothing :-)
The lines below those should hold some info, quote those, too.
0
 
MagsOwnerAuthor Commented:
i'm not sure what you are really asking for. Here is everything on my search for cache2

      Line 255910: @="IOleCache2"
      Line 346123: @="IOfflineFilesCache2"
      Line 608238: @="IOleCache2"
      Line 733730: @="IOfflineFilesCache2"
      Line 2177631: @="IOleCache2"
      Line 2303123: @="IOfflineFilesCache2"
      Line 2915195: [HKEY_USERS\.DEFAULT\Software\AVAST Software\Avast\cache2]
      Line 2915208: [HKEY_USERS\.DEFAULT\Software\Browser Cleanup\cache2]
      Line 2954911: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\Software\AVAST Software\Avast\cache2]
      Line 2954935: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\Software\AVAST Software\Avast Browser Cleanup\cache2]
      Line 2955126: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\Software\AVAST Software\Browser Cleanup\cache2]
      Line 2955199: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\Software\Browser Cleanup\cache2]
      Line 2960510: "MetadataDownloadCachePath"="C:\\Users\\Mike-PC\\AppData\\Local\\Microsoft\\Media Player\\Cache297455093"
      Line 3217308: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㒐沂\cache2]
      Line 3217315: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㙤㌹〲捥捦㌰㈱攱摤挷㑦㌹㑦㘹㈱〸ㅤ〵㠹㌲〱Գԅԅ䵌䵅0\cache2]
      Line 3217322: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\湩楬敮※楦敬慮敭㌽㔵〰ㅤ㜰㔷㜱摢ち㤲挲㥢愰㠸㠳㐲⸸灪g瑬㌀戱e\cache2]
      Line 3217329: [HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\滀᪏ⶈ᪛뺠⟢O\cache2]
      Line 3324630: [HKEY_USERS\S-1-5-18\Software\AVAST Software\Avast\cache2]
      Line 3324643: [HKEY_USERS\S-1-5-18\Software\Browser Cleanup\cache2]

Please let me know if I need to do anything differently. Thanks
0
 
McKnifeCommented:
Quote lines 3217308 to 3217328, please
0
 
MagsOwnerAuthor Commented:
A couple more for good measure...I hope this is what you want

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㒐沂]
"cl"=dword:00000003

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㒐沂\cache2]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㒐沂\ext]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㙤㌹〲捥捦㌰㈱攱摤挷㑦㌹㑦㘹㈱〸ㅤ〵㠹㌲〱Գԅԅ䵌䵅0]
"cl"=dword:00000003

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㙤㌹〲捥捦㌰㈱攱摤挷㑦㌹㑦㘹㈱〸ㅤ〵㠹㌲〱Գԅԅ䵌䵅0\cache2]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\㙤㌹〲捥捦㌰㈱攱摤挷㑦㌹㑦㘹㈱〸ㅤ〵㠹㌲〱Գԅԅ䵌䵅0\ext]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\湩楬敮※楦敬慮敭㌽㔵〰ㅤ㜰㔷㜱摢ち㤲挲㥢愰㠸㠳㐲⸸灪g瑬㌀戱e]
"cl"=dword:00000003

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\湩楬敮※楦敬慮敭㌽㔵〰ㅤ㜰㔷㜱摢ち㤲挲㥢愰㠸㠳㐲⸸灪g瑬㌀戱e\cache2]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\湩楬敮※楦敬慮敭㌽㔵〰ㅤ㜰㔷㜱摢ち㤲挲㥢愰㠸㠳㐲⸸灪g瑬㌀戱e\ext]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\滀᪏ⶈ᪛뺠⟢O]
"cl"=dword:00000003

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\滀᪏ⶈ᪛뺠⟢O\cache2]

[HKEY_USERS\S-1-5-21-936240840-1351015951-1972136265-1001\滀᪏ⶈ᪛뺠⟢O\ext]
0
 
MagsOwnerAuthor Commented:
What about deleting the rest of Chrome before reinstall??
0
 
JohnBusiness Consultant (Owner)Commented:
Delete it after you uninstall
1
 
MagsOwnerAuthor Commented:
I already uninstalled Chrome. This is leftovers. I tried...it is not letting me

Tried, gave permission, still error and unable to delete.
1
 
JohnBusiness Consultant (Owner)Commented:
Might have to use Revo to uninstall. Be careful with Revo
1
 
McKnifeCommented:
No content in these lines - so if these entries would have been for some malware, we would not be able to recognize what that was good for.
1
 
JohnBusiness Consultant (Owner)Commented:
You said you have a registry backup so you can try deleting the entries
0
 
MagsOwnerAuthor Commented:
John I appreciate your trying to help but you are not understanding. This is what I am trying to delete (see above)

Chrome
0
 
JohnBusiness Consultant (Owner)Commented:
Did you open regedit with Run as Administrator?
0
 
MagsOwnerAuthor Commented:
Yes.
1
 
JohnBusiness Consultant (Owner)Commented:
You may need to do. Repair install or backup and install fresh
0
 
MagsOwnerAuthor Commented:
What is the best link to do a OS refresh so he doesn't lose his installed programs? Too many things going wrong.
0
 
JohnBusiness Consultant (Owner)Commented:
Go to the Media Creation Link and Keep Everything

https://www.microsoft.com/en-us/software-download/windows10

Windows 10 is running, so click on the Download button (not Upgrade Button, select Open (Run) but NOT Save. Allow the program to run. Allow drivers to update. Then select Keep Everything.


Word of caution, Repair Install does NOT fix damage user profiles. Only a complete fresh install will fix that.
0
 
MagsOwnerAuthor Commented:
Then what are you suggesting John...I am remote and don't feel that offers enough support to do a fresh install...if needed what about creating a new user profile??
0
 
JohnBusiness Consultant (Owner)Commented:
You can do a repair install remotely.

If you still have issues that are user profile related, you can backup the profile, delete it and create a new one remotely.
0
 
MagsOwnerAuthor Commented:
Okay...double checking his backup and making sure he has all his activation keys should we need to reinstall any programs.

Why do some refreshes keep all programs and other times deletes programs (apps) that didn't come with the computer?
0
 
MagsOwnerAuthor Commented:
in Firefox I have to save, shall I continue and run from the download?
0
 
JohnBusiness Consultant (Owner)Commented:
I use Run, not Save.  Chrome, IE and Edge will properly prompt and you can Run in place.

If you do download, you can Run the download.
1
 
MagsOwnerAuthor Commented:
No IE or Chrome :-( Edge not working. I will run from the Firefox download
0
 
JohnBusiness Consultant (Owner)Commented:
Do that. Save prompts Run for me properly so this machine appears screwed up.
1
 
JohnBusiness Consultant (Owner)Commented:
I should have said Run is beside Save. Save prompts Save As.  That was changed in Windows 10 more than a year ago.
0
 
MagsOwnerAuthor Commented:
Okay...installing now, I'll keep you posted. Thanks!
1
 
MagsOwnerAuthor Commented:
Refresh finished...now Windows update...more tomorrow!
0
 
nobusCommented:
in your case - i would look in the installed programs -  and check if there is a chinese/korean/Taiwan  software installed
uninstalling this (Revo uninstaller?) can help you get rid of this problem
0
 
MagsOwnerAuthor Commented:
Nobus I did not see any such programs. The OS Refresh resolved all issues, thanks John! I was able to install Google Chrome, IE reappeared and I am able to see all his programs (apps) in the Start Button. The computer is running well.
0
 
MagsOwnerAuthor Commented:
Thanks for all your help!!
0
 
JohnBusiness Consultant (Owner)Commented:
You are very welcome and I am glad that is now all sorted out after all.
0
 
nobusCommented:
i guess it means we all need start learning Chinese
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 24
  • 15
  • 6
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now