You're probably not encoding the username. Here's the explanation: if you simply compose your Ajax url like:
var url = "nameCheck.php?val=" + document.getElementById('userName').value;
then if the username contains a #, the url will look like this: nameCheck.php?val=some#Name. In this case, the value of $_GET['val'] will be "some", because what's after the # is considered an anchor name. And the username "some" indeed validates. You should use the encodeURIComponent function, like this:
var url = "nameCheck.php?val=" + encodeURIComponent(document.getElementById('userName').value);
Let us know if that was the problem
PS: Even though you said the problem was obviously the # commenting out the rest of the code, your problem has nothing to do with that. echo "#"; works perfectly and doesn't comment anything. As long as you don't eval() it or use it in a create_function() statement, there's no way a simple string containing a # could comment anything.