Page 2 of 2 First 12
  1. #21
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,206

    Re: Weird Chinese symbols in registry

    Let's make sure things are auditing as expected. Please open up regedit again, select HKEY_CURRENT_USER and then add a key in here named Sysnative. Then close the registry and do the following.

    Retrieve Security Event Log
    1. Right-click on the Start button and select Event Viewer
    2. Click the arrow next to Windows Logs and then click on the Security log.
    3. Right-click on the Security Log and choose Save All Events As...
    4. Select your desktop as the location to save and type Security for the File name and click Save.
    5. If you are using a language on your machine other than English then on the next screen please ensure to select Display information for English and click OK. Otherwise you can simply click OK.
    6. There will be a file on your desktop named Security.evtx. Right-click on this file and choose Send To..Compressed (zipped folder) which will create a file named Security.zip.
    7. Please upload this file to SendSpace and provide the link in your next post.


    • Ad Bot

      advertising
      Beep.

        
       

  2. #22

    Re: Weird Chinese symbols in registry

    I feel like a computer tech doing this high tech stuff.Download security.evtx from Sendspace.com - send big files the easy way

  3. #23
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,206

    Re: Weird Chinese symbols in registry

    You did a good job. Everything is set up correctly. You can re-install your AV now if you like and use the computer like normal. If the weird characters ever come back we can look in the Security Event log and it will let us what process created the keys. For example we can see what created the Sysnative key.

    Code:
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          11/17/2017 11:31:08 PM
    Event ID:      4657
    Task Category: Registry
    Level:         Information
    Keywords:      Audit Success
    User:          N/A
    Computer:      carl-PC
    Description:
    A registry value was modified.
    Subject:
     Security ID:  S-1-5-21-3047833663-3766033810-2322992743-1002
     Account Name:  carl
     Account Domain:  carl-PC
     Logon ID:  0x1960F
    Object:
     Object Name:  \REGISTRY\USER\S-1-5-21-3047833663-3766033810-2322992743-1002\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit
     Object Value Name: LastKey
     Handle ID:  0xf8
     Operation Type:  Existing registry value modified
    Process Information:
     Process ID:  0xad4
     Process Name:  C:\Windows\regedit.exe
    Change Information:
     Old Value Type:  REG_SZ
     Old Value:  Computer
     New Value Type:  REG_SZ
     New Value:  Computer\HKEY_CURRENT_USER\sysnative

  4. #24

    Re: Weird Chinese symbols in registry

    Great ! do I still keep the sysnative key in the registry or delete it? Thanks for your time and expertise . I am always learning from the tech team of the forum kudos, kudos , kudos long live the forum.

  5. #25
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,206

    Re: Weird Chinese symbols in registry

    do I still keep the sysnative key in the registry or delete it?
    You can delete it. It was just a test.

  6. #26

    Re: Weird Chinese symbols in registry

    Good Morning Sysnative forum you can label this thread solved by Brian and Corrine because after I followed their directions I have not seen any weird keys or characters in my registry. How Brian and Corrine teamed up and came up with the unseen solution was terrific. Thanks a million, I love working with you guys and especially Brian because I have had the privilege of working with him the most and I love his work ethics.
    BrianDrab and Corrine say thanks for this.

  7. #27
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,779

    Re: Weird Chinese symbols in registry

    You're certainly right about Brian! He is amazing.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  8. #28

    Re: Weird Chinese symbols in registry

    Corrine you are humble and fabulous at the same time .
    Corrine says thanks for this.

  9. #29
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,779

    Re: Weird Chinese symbols in registry

    Thank you, Carl.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Page 2 of 2 First 12

Similar Threads

  1. Win 10 9926 ISO'S and Symbols on MSDN
    By zigzag3143 in forum Windows 10
    Replies: 0
    Last Post: 01-23-2015, 02:23 PM
  2. Microsoft Windows 8 Banned By Chinese Government
    By JMH in forum News You Can Use
    Replies: 1
    Last Post: 05-25-2014, 05:56 AM

Log in

Log in