Chrome turning Chinese on me

Status
Not open for further replies.
Joined
Oct 25, 2012
Messages
4,823
Location
Taiwan
This year I don’t have an office, so I’m mostly using a laptop and wireless internet, which is a PITA. Have had a variety of problems (“Excel has stopped working and needs to close. Windows is looking for a solution to this problem blah blah…”)

One possibly terminal problem is that my favored browser Chrome is translating (I assume) some of the texts of some websites into Chinese. Started with a US-based online STEM course and has now “spread” to my yahoo email, rendering it unusable.

I don’t read Chinese, I’m not about to learn, and since this is presumably some kind of machine translation its probably wrong anyway.

I have the browser language set to English, of course. Clearing the browser history doesn’t seem to make any difference.

Running Windows 10. Microsoft Edge is on it but doesn’t seem to work properly and sometimes won’t start, though I suppose I could try another browser.

Had a search on the internyet but didn’t find anything useful.

Suggestions? Re-install everything would be an obvious one I suppose but that'll be difficult and disruptive.
 
Originally Posted By: Ducked


Suggestions? Re-install everything would be an obvious one I suppose


01.gif
 
Any chance you are connecting through a proxy that has a Chinese IP? Our MPLS connection hosed up a year ago and we defaulted through Germany and Google.de was our default until the connection was restored. Otherwise, nuke it, you will be better off in the long run.
 
Originally Posted By: JC1
Run something like ccleaner first and a GOOD antivirus program first to see what it finds.


Ran ESET online scanner about a month ago and it found (and apparently cleaned):-

C:\Users\ducked\AppData\Roaming\OpenCandy\7DFD890D8B0346BFBCD580D059F7FC09\PCReviver_2.0.0.44.exe
a variant of Win64/PCReviver.B potentially unwanted application

C:\Users\ducked\AppData\Roaming\WindowsServices\installer.vbs VBS/Agent.NKG worm
C:\Users\ducked\AppData\Roaming\WindowsServices\movemenoreg.vbs VBS/Agent.NKG worm

That's consistent with an observed strongly suspected infection of a couple of USB's (directories converted to shortcuts) which seems to be usually caused by a VB script. Although all my USB's are "immunised' with Panda, evidently it didn't work against this particular threat.

Used to have write-protectable USB's but havn't seen them for sale for quite a while.

Have AVG free installed. Doesn't currently find anything.

I'll try CCleaner, and re-run the above. Thanks for the suggestion.
 
Last edited:
Malwarebytes is an Anti-Virus and Anti-Malware/Ad-Ware etc. It really is a good deep search tool for junk. It eliminates a lot of hard to remove stuff.
 
Originally Posted By: 2015_PSD
Any chance you are connecting through a proxy that has a Chinese IP? Our MPLS connection hosed up a year ago and we defaulted through Germany and Google.de was our default until the connection was restored. Otherwise, nuke it, you will be better off in the long run.


I'm in Taiwan. I've had a Chinese IP (well, sort-of-Chinese IP) for the last 12 years. That occaisionally causes problems with search Engine results (seems to be a long-standing problem which Google aren't interested in fixing) but it hasn't caused "spontaneous" translation of web pages before as far as I can remember. Certainly nothing on this scale.
 
Originally Posted By: StevieC
Malwarebytes is an Anti-Virus and Anti-Malware/Ad-Ware etc. It really is a good deep search tool for junk. It eliminates a lot of hard to remove stuff.


Yeh, had that on my old desktop machine but hadn't yet got around to putting it on this laptop. Everything takes ages on WiFi.
 
2.4GHz Wifi is quite slow, I'm so glad I upgraded to 5GHz because I actually get the full download speeds that my internet provider provides me.
smile.gif
 
Originally Posted By: StevieC
Malwarebytes is an Anti-Virus and Anti-Malware/Ad-Ware etc. It really is a good deep search tool for junk. It eliminates a lot of hard to remove stuff.


Agreed. Best $19.95 I ever spent on software, didn't know it at the time (May 2014) thought was buying a license for that version of Premium only but it was lifetime and I get new versions upgrade when they come out. Just upgraded to version 3.2.2.2029 recently.
 
2.4ghz wifi isnt slow, you can get hundreds of Mbit/second on it.

now if its congested, has a ton of people on it, old hardware thats sketchy etc.. that all is possible.

2.4 has much better range than 5ghz. I do put my streaming boxes on 5ghz just to alleviate congestion on the 2.4ghz AP's
 
It may be over-enthusiastic about detecting your location? Check in Settings: Search for Languages and make sure that the languages you want to use are the only ones installed. In Settings I am pretty sure you can also opt out of the page translation.
 
Originally Posted By: 2015_PSD
Any chance you are connecting through a proxy that has a Chinese IP? Our MPLS connection hosed up a year ago and we defaulted through Germany and Google.de was our default until the connection was restored. Otherwise, nuke it, you will be better off in the long run.


This. I see it at work sometimes.
 
Originally Posted By: StevieC
2.4GHz Wifi is quite slow, I'm so glad I upgraded to 5GHz because I actually get the full download speeds that my internet provider provides me.
smile.gif




No it isn't. Even a "slow" 300Mbps wireless connection is more than triple what most people have for their outbound Internet link.

Don't fall for the "faster wifi" meme that the router manufacturers push. If you saw a speed increase on 5GHz, you probably just had a ton of congestion on 2.4 or some insanely-think walls the signal wasn't penetrating well.
 
By the time you factor in noise and re-tries because pretty much everyone has a 2.4ghz band or some other device interfering with it you aren't achieving the 300 speeds in actuality. And yes I did a wireless site survey for open channels and noise etc. 5GHZ is far superior in speed and reliability by almost 6x if your setup is right.

Also consumer grade routers are terrible, even the expensive ones. Professional Dual Band access points is the way to go, plugged into a switch that handles Jumbo Frame. The gigabit file transfer across my network is leaps/bounds faster than it was on the same band with a traditional router of the higher end variety.
 
Last edited:
Originally Posted By: uc50ic4more
It may be over-enthusiastic about detecting your location? Check in Settings: Search for Languages and make sure that the languages you want to use are the only ones installed. In Settings I am pretty sure you can also opt out of the page translation.


Page translation is off, though its described as "offer to translate pages you can't read" and it is in fact apparently translating some text that is in the language the browser is set to use (English) without offering to do anything.

Last night WORD was suddenly unable to find Times New Roman and started with some weird (Simplified Japanese?) text, so it may not be just a browser issue (though that may be an unrelated one-off).

Malware Bytes found 4 PUP instances. However, there's now nothing in quarantine. Don't like that much, since I didn't tell it to delete them.

ESET online scanner ran overnight for about 8 hours and didn't find anything. A long time but perhaps its thorough, since last time it found the VB script stuff that Panda Cloud Cleaner (in basic mode) apparently missed.

Panda Cloud Cleaner in ("advanced") "Trusted Boot" mode (dunno exactly what that means, perhaps like "safe mode") didn't find anything either.

The resident AVG free won't update via the campus WiFi ("Unknown Error") but would on a borrowed off-campus ethernet wire, and didn't find anything.

I "innoculated" the laptop with Panda, which disables autorun and saves me screwing around with the register directly. Autoplay was already turned off. I also changed the boot order so I should be able to boot off an antivirus usb stick or CD/DVD to get a clean boot, though I'll need a clean PC to make one and those are rare in Taiwan.

Have to buy a usb or two since don't want to put the infected ones in a PC to recover them. IIRC Panda innoculation (dummy autorun.inf) means they have to be hex-edited before you can reformat them.

I'll re-run MB and then do ccleaner.
 
Last edited:
Malware Bytes re-run found the PUPs again, so I must have failed to complete the process.

Folder: 3
PUP.Optional.OpenCandy, C:\Users\ducked\AppData\Roaming\OpenCandy\7DFD890D8B0346BFBCD580D059F7FC09, No Action By User, [524], [173202],1.0.3003
PUP.Optional.OpenCandy, C:\Users\ducked\AppData\Roaming\OpenCandy\F5F755118C4A4860B058ABD94365073F, No Action By User, [524], [173202],1.0.3003
PUP.Optional.OpenCandy, C:\USERS\DUCKED\APPDATA\ROAMING\OPENCANDY, No Action By User, [524], [173202],1.0.3003

File: 1
PUP.Optional.OpenCandy, C:\Users\ducked\AppData\Roaming\OpenCandy\F5F755118C4A4860B058ABD94365073F\Opera_NI_stable.exe, No Action By User, [524], [173202],1.0.3003

Nothing else found those, but they aren't considered malicious, and are probably unlikely to be associated with these problems.

Seem to be mixed views on't net about CC Cleaner, and it has apparently been compromised and delivered malware in the past.

If I run it I'll tell it to leave the registry alone.
 
Status
Not open for further replies.
Back
Top