Another "Chinese" key was created yesterday. Again, with a reference to Avast (different):
潣癡獡灩汃敩瑮慐慲敭整獲䌮湯楦畧慲楴湯敖獲潩ne
Interpreting this as 8-bit ASCII characters rather than 32-bit UNICODE characters yields this (refers to Avast's ".ConfigurationVersion" rather than ".IsConnectedToManagedConsole"):
ÿþcom.avast.ipm.ClientParameters.ConfigurationVersion e
I noticed this new "Chinese" key shortly after I ran Avast's "Smart Scan" -- but I don't know if it was in the registry before that.
Additional information, if it would help:
When these "Chinese" keys first started appearing back in November, there were a couple plain English keys that also appeared in the root of HKCU (i.e., out of place):
"MThree Development" (see JPG attached)
and
"system52216"Here are the abovementioned keys, exported:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\潣癡獡灩汃敩瑮慐慲敭整獲䌮湯楦畧慲楴湯敖獲潩ne]
"cl"=dword:00000003
[HKEY_CURRENT_USER\潣癡獡灩汃敩瑮慐慲敭整獲䌮湯楦畧慲楴湯敖獲潩ne\cache2]
[HKEY_CURRENT_USER\潣癡獡灩汃敩瑮慐慲敭整獲䌮湯楦畧慲楴湯敖獲潩ne\
[HKEY_CURRENT_USER\MThree Development]
[HKEY_CURRENT_USER\System52216]