dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
10663
share rss forum feed

hjoe

join:2011-10-15

[Qwest] Opting out of CenturyLink Web Helper hijacking not worki

webhelper.centurylink.com will display a spam web page if a person types in a non existing url. Under preferences it says I can opt out but it isn't working.

I know I can switch to a different DNS service, but would rather not have to.



Hazy Arc

join:2006-04-10
Greenwood, SC
Reviews:
·CenturyLink
·Embarq Now Centu..

Re: [Qwest] Opting out of CenturyLink Web Helper hijacking not w

There is an option at the bottom right of that page that says "Disable this service". Hilariously enough, when you click it, you get the following message: "The preference settings for your IP are currently locked either because you are not allowed to set preferences or because the preference server is currently offline."

Looks like you're stuck with moving to another DNS.


scooper

join:2000-07-11
Youngsville, NC
kudos:2
reply to hjoe

You might want to use another DNS server anyway -

One of my coworkers has to work from home 3 days a week right now, due to some family issues. She has Centurylink's DSL service, just like me. However, whereas I use OpenDNS and GoogleDNS (or any number of others), she uses Centurylink's. The problem with her using Centurylink's is that they don't resolve the site for our client's citrix server.


hjoe

join:2011-10-15
reply to hjoe

It says disabled and also says my opt outs with Quest would be automatically honored, but I still get the spam page.

I will switch to another DNS server if it isn't fixed within a few days or so.

Thanks for the replies and suggestions.



Hazy Arc

join:2006-04-10
Greenwood, SC

Just curious...is there a reason why you'd want to keep using CTL's tainted DNS servers?


hjoe

join:2011-10-15

I've never had any problems with Qwest's. Do CTL's DNS servers have a lot of problems?


ArizonaSteve

join:2004-01-31
Apache Junction, AZ
Reviews:
·voip.ms
·CenturyLink
·T-Mobile US
·Sipgate VOIP

2 edits
reply to hjoe

Just curious but I've never ran into that. Why is it a problem? You can always put a different dns address in the modem such as 4.2.2.2 and 4.2.2.3 if you don't like theirs. There's a place to put it in the modem settings, then reboot. The Qwest one will probably always be faster though since there are less hops to get to it.


hjoe

join:2011-10-15
reply to hjoe

..

Still will not obey my opt outs. I switched to Google's public DNS servers. No DNS hijacking.
»code.google.com/speed/public-dns/



FarmerBob

join:2000-12-21
Littleton, CO
Reviews:
·CenturyLink
·EarthLink
·ViaTalk
·Comcast
reply to hjoe

Re: [Qwest] Opting out of CenturyLink Web Helper hijacking not w

In the long run you'll find that a different set of DNS's might be in order. I was and still am having "issues" with Q/CL service and the second I changed DNS's things got about 75% better. Why would you not want to switch to another DNS, when it could make it better for you?

Looks like everywhere CL goes crap follows. Comcast here we come . . .



Sys3d

join:2011-12-21
united state

3 edits
reply to hjoe

Webhelper is considered to be a browser search hijacker virus and in the IT field it should be disabled so your URL information and outbound packets are not being sent through it while browsing the web. Regardless of the dns you use. ( stay away from using other dns's that do not have a good privacy policy unless you like sharing your bank, logins, medical, research, etc with them. )
( security issues )
CTL has a privacy policy which includes they do nothing with your data other than suggest search results back to your browser when you type in an invalid url or typo. This can lead to unwanted display of pornographic material to minors and will overrule any parental controls on your computer(s).
Other free dns providers such as google and opendns will claim they do nothing with your data but they have to say that or you wouldn't use them right? Who can you trust these days? Your ISP- CTL? How about someone who wants to make a list of everything you goto including your searches through a proxy? Then again, It depends how secure you want to be and how secure the companies are which are buying, auditing and\or harvesting these lists. You're better off being protected by your isp. Regardless your isp still knows your url's no matter which dns you choose to use. Why share it with more people? Use CTL's laggy DNS and suffer the 3rd party madness until you figure out how to disable it or share private information with unprotected agencies or other 3rd parties? Google and OpenDns are used previously by me for non-secure things and they are fast but this isn't a review about them. They are ok and i will use them again but you have to know what you're dealing with if you choose to use any free dns or else you might become a victim somehow.

CTL claims we may disable webhelper in the webhelper.centurylink.com interface but when you try to disable\save it will act like it accepts your query but then when you try an invalid url again or sniff your outbound packets you will notice its just the same and still enabled displaying webhelper in browser as nothing was saved. This is not because of your cookies etc. It's because they want your information to sell obviously or else the webhelper dns sniffing service would not be implemented to begin with. They claim to not sell it but they also claim you can disable this feature in a few of their policys including in-house they claim they can disable it on their end but to no avail was possible with numerous higher techs until i solved it for them and the tech asked me how and noted the fact so they can explain it to other consumers with such a demand since their in-house is unable to disable.

I have no add-ons installed in internet explorer other than Norton and Java , Adobe PDF and Flashplayer. I disable\delete all the other default stuff like Blog, Research, Writer, Windows Live, etc.
(ask google for a tutorial about how and which add-ons to disable)

By default when you first installed your modem or any software from CTL, Qwest, Embarq + Savvis and whatever else they were.
They perhaps installed an internet explorer Search Scope for "search.live.com" which is actually redirecting you to webhelper.centurylink.com IP or url. You might notice at the bottom left corner of your browser is the URL address of what your invalid url typo is loading.
You want to search your registry for this root url such as 'search.live.com' and your results should land on hkey_local_machine \ Software \ Microsoft \ Internet Explorer \ Search Scopes \ **

Once there, You will notice any hidden or preconfigured search scopes. If you are using google as your start page you should only see google in this search scope listing. If you have more than one of them you should delete them all ( key strings on left frame) until you only have google or whichever you desire selected so you will have a 'default' search add-on.

Delete the entire string in the left window for each searchscope you want to delete, or just delete all the search scopes and then open your Internet Explorer and goto 'Tools \ Manage Add-ons' "Enable or disable add-ons" and then choose the Search Providers category then add google.com as your default.
(you might have to find tutorial by asking google how to add google as default search in I.E depending upon your I.E browser version.)

Once you have removed the search scope for search.live.com or search."whicheverName".com and have re-added google.com as your default, you will be redirected to google.com or 'page not found' when you have invalid url query.

If you have issues with this or any virus removal please contact me on dslreports.com by sending a private message.
Thank you. Best of luck !
Sincerely, JB @ sys3d

Dear CTL. Don't bother emailing me as you have wasted enough of my time and money while i continue to use your service which is poor enough and you have not solved my problems instead i am helping to solve yours and will continue to do so because you obviously need the free help and advice as any company that wants to succeed should.

Attention: Buyer beware to my clients
(has to be mentioned until the browser hijacker is removed from your service and\or disable feature works as stated.)

P.S: I am a CTL customer and a lot of my clients use CTL.
Most of us "Rural" people on laggy intermittent 1.5 Mpbs and 3 Mpbs experience problems with CTL except the 7 and 12+ Mbps clients hardly will experience an issue and will not need to contact their CTL's tech support and obvious tutorial reading reps.
I hear complaints often and i feel bad for these people because i am a virus fighter and love to protect peoples assets-t.
Why destroy such a good thing?
CTL needs to expand more than just military fiber etc.
Let's get this solved CTL ! Bring in the fiber to civilians please !
10-Hut ! Requesting Reinforcments, Over!
I am 20 miles away from your 12Mpbs. How much will it cost to expand 12 Mbps 20-30 miles wider and gather some of these Rural people that are paying the same price. (less complaints = stocks) Why do we pay the same and subject to a temp promo?
CTL is doing great however and i hope for an expansion soon.
Deliberatives aside, We need the internet to work and we need CTL to be one of the best ever!
We also need to correct things for the people and for the future innovatives of internet, speeds, expansions, legal research technology and lastly consumer sales sake including your pockets, family goals, longevity, resource control and helping the planet.

P.S.S. a J.B Tidbit: When anyone is talking on a microphone headset. Please keep the mic about 2 inches from your mouth so the other person(s) can understand you and won't be wasting your time making you repeat everything you say and make you angry which then in return makes you deliver bad communication and an attitude..

---END of helping rant---

Forgot one thing. I had to do a spell check for innovatives and intermittent, I opened google in a fresh I.E window and it took this long to load google.
"I got up from chair and i walked to the fridge 10 feet away and got a pepsi and then i walked back 10 feet and sat in chair and opened pepsi, took a big gulp and burped really loud" My burp said "OMG C'MON" Then google loaded. No joke!
CTL Techs say this is fine because they can ping me and see that my modem has been on for a longer duration than intermittence.
If i stay active clicking stuff, It will stay-alive, If i wait 30 seconds and then click something. I am stuck awaiting another 15 to 30 seconds before connection. Kicked from simple games, Fail to load pages in facebook games. Makes it impossible to use the internet for work also which i have been deterring due to the fact that i work with servers and they will block me if my connection drops a lot which it is.



EmoHobo

join:2010-07-16

1 edit
reply to hjoe

Can someone give me a fake link to click to check to see if I disabled that correctly?

I just used something like www.eoegoro0p4r9posol.com

and I didn't get the CL redirect, does that mean I fixed it? I got the Firefox Server Not Found page.



EmoHobo

join:2010-07-16
reply to Sys3d

I get routed to google (my default search engine ) on both IE and Firefox, I use firefox more so it's more important to disable it on that.



Sys3d

join:2011-12-21
united state

1 edit
reply to EmoHobo

FF and Chrome do not use search scoping as I.E does.
So this must be tested by using I.E.
Hence the Registry Key i have mentioned in my first novel post.
It loads h_key local machine \ software \ MICROSOFT \ INTERNET EXPLORER \ search scopes and is a default system key installed by CTL partners.
If you are using FF or Chrome, you are ok if this isn't happending for I.E.

Take Care ! J.B



EmoHobo

join:2010-07-16
reply to hjoe

Firefox was getting routed to that page awhile ago when I site I visited went down.

IE is being routed to Google when I type "eeeeee", so that's safe now, right?



Sys3d

join:2011-12-21
united state

Yeah, you should be ok if your all of your browsers do not redirect you to webhelper.centurylink.com when you type in an invalid link or a bad domain name such as omgiamunhappyfornothavinganyincomebecauseiamsopoorrightnowbecuaseofCTL.com this will do



EmoHobo

join:2010-07-16

Thanks, both of those pages came up as generic page not found junk, not even rerouted to google.

Looks like you got rid of that annoying redirect for me, I'll make sure to build a statue to you.



Sys3d

join:2011-12-21
united state

1 edit
reply to EmoHobo

Open internet explorer as this is a system registry for embedded internet explorer search scoping.
In I.E simply type any letter and hit enter. No need to use *.com address or http\www.
If you get page not found or your start page, you are free of this unwanted and not needed security vulnerability.
Goodluck!


zevus

join:2010-11-29
Chandler, TX
Reviews:
·CenturyLink
reply to hjoe

Use DNSBench and just set the DNS yourself.

»www.grc.com/dns/benchmark.htm

Choose one w/ a green circle & check the "DNS Nameserver Spoofability Test" as well... I use 4.2.2.4 and 205.171.2.65 (-- qwest server that doesnt redirect.. some others do, like 205.171.3.25)



Sys3d

join:2011-12-21
united state

@ EmoHobo - LOL Thanks ! Can you make it have its arms raised in the air with a halo over its head? Thanks again. ;p

@ zevus - Yeh i actually used DNSBench a few times and spoofability etc. I don't have a need to use other free dns than google's or opendns so i have no use for DnsBench other than at some client locations.
I just stick with these 2 so no need for me to Bench. Good advice though except keep in mind when you use such a program that it is allowing tons of companies to see you are calling.

After closing DNSBenchmark however the connections will chill-out and leave you alone. Same as Facebook-Bogon etc. which tends to make people open their firewall because their is too many allows needed to be configured. example - Peer Guardian 2 using blocklist manager. Not free pctools firewall or norton firewall or windows firewall rules. I'm talking about the connections which hit your 127 locally while you are online. There is a lot of blacklisted ip's hitting us daily which can be blocked by using Peer guardian 2 with blocklist manager list. (look at their installation and merge instructions and figure out how to use such a tool if you want companies to notice you are blocking their adservers etc, they will eventually ignore you and stop the "attacks".
Another nifty free-non virus program is Spywareblaster.
You should have this if your system lets you.
It will block tons of bad virus infected servers, adservers and blacklisted shady companies.

zevus !! Good advice on the other Qwest IP of 205.171.2.65
I changed my x.x.3.65 to to the x.x.2.65 and it works much better! Why can't CTL tell us this ? LOL.. Thanks bigtime! I never even thought about looking for their others. JB