View Full Version : Redirected to Search site
When I try to go to certain websites that I have been to in the past i.e. americanexpress, I am redirected to www2.look-up-results.com/search?qo=www.americanexpress.com
a search site. Spybot says I do not have spy ware but this is deffinetly spyware. How can I get this off my machine?
This 404/500 error redirection to www2.look-up-results.com or www.turnonsearch.com (same company) is not due to adware or spyware or cookies. It has been implemented by Choice One Communications (http://www.choiceonecom.com) into their national dial-up POP network, which many virtual ISPs such as Intergate (http://www.intergate.com) and All2Easy.net (http://www.all2easy.net) use to provide local access numbers throughout the US.
Basically, Choice One is redirecting 404/500 "domain name not found" errors to this ad-supported web site and, in so doing, preventing a client's browser from displaying a standard browser-based, ad-free error message. I belive this practice violates the World Wide Web Consortium's HTTP/1.1 standards (http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10). Additionally, of course, user permission for the redirection has not been obtained.
Look-up-results.com doesn't have a privacy policy, doesn't provide any contact information and their domain was registered privately using Go Daddy's proxy service. The following is the only information they provide about their "service":
This service automatically eliminates dead-end "error" pages you encounter as you surf the web. Absolutely no software was installed on your computer for this service to work. This search tool is designed to make your web surfing experience more productive; If you don't want this feature, feel free to opt-out at any time by choosing an alternative option below:
Note: In order for opt-out to work properly, you need to accept a "cookie" indicating that you have opted out of this service. If you use a program that removes cookies, you will have to repeat this opt-out process when the cookie is deleted. The cookie placed on your computer will contain the site name: "www2.look-up-results.com".
Complain loudly about this abusive practice to your ISP in the hope that pressure will be brought to bear on Choice One to discontinue their permission-less redirection.
Hello harbor,
We could see a log to check if anything is on the system in question.
Please go here and follow instructions.
Before you post a log (http://forums.spybot.info/showthread.php?t=288[/url)
Start a topic here:
Malware Forum (http://forums.spybot.info/forumdisplay.php?f=22[/url)
Someone will then take a look and advise you as soon as it is possible.
Cheers.
I have the same(similar) problem mine goes to wwa.look-up-results.com (yes wwa), however when I use another computer in my house (same network, same isp, connected to same router) it doesn't show the wwwa.look-up-results.com junk. So I can only conclude that it can't be from my isp otherwise the other computer would be showing it as well. It is affecting both ie and firefox.
I've run spybot, spysweeper, ad-aware, microsoft anti-spyare, ccleaner, hijackthis
I can't kill it!
Hello CyD777.
You too may follow the instructions I gave to harbor if you are not already being assisted at another site.
Just to made sure nothing is lurking where it shouldn't and help us to see if there is a pattern.
Cheers. :)
lghtslpr
2006-04-07, 09:56
F#@K!!! I hate this thing! When I enter a non-existent domain, I get taken to wwa.look-up-results.com. It happens w/ IE and Opera, so I'm assuming it's the ISP, not my browsers. Spybot didn't find anything, and nothing obvious was found by HijackThis.
I'm going to complain to my DSL company (DSL Extreme) and see what happens.
OK, I just got off the phone w/ them. DSLExtreme was bought out by Ikano.com, and now they are doing this redirect bullshit. The guy said I can change the domain name server to avoid it, but I told him not to bother because I'm leaving. I just hate this shit.
Goodbye DSLExtreme, hello ... Yahoo maybe?
I contacted my ISP to report the issue. They told me that Choice Communications provides most of their dial-up numbers. I requested another dial up number from them directly and the issue was resolved. Contact your ISP and be adamant about this. This is just wrong:spider: :banghead:
pencilsharp
2007-03-07, 07:01
Just stumbled across this thread, and thought I would offer one more option to block look-up-results.com.
The HOSTS file.
First, be aware that you MUST be careful how you proceed! Messing up your HOSTS file can interfere with internet connectivity. Thus, you MUST follow these instructions carefully.
Start by trying to find the HOSTS file on your computer. It can usually be found in the following locations:
**Windows 95/98/Me c:\windows\hosts
**Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
**Windows XP Home c:\windows\system32\drivers\etc\hosts
If you find it, proceed with the next step. If not, go here (http://accs-net.com/hosts/Downloads/hostsplain.txt), copy the text file to Notepad, save it as "HOSTS", with "All Files (*.*)" as the type. Then, skip to step 3.
Open the HOSTS file with Notepad. Just right-click the file and choose "Open," then choose Notepad from the pop-up.
Choose "Save As..." then save as "HOSTS.old" with the file type as "All Files (*.*)"
After the "Localhost" entry, type the following:
127.0.0.1 www2.look-up-results.com
Make sure you include the space between 1 and www2. If your website has a different www prefix, make a new line and include that version too.
NOTE: Wildcards (such as *) do not work in HOSTS.
Choose "File -> Save"
Try entering ww2.look-up-results.com.
If you get your standard 404 page or a page saying "This page cannot be found," you're golden.
If you still see look-up-results.com, repeat the procedure, taking care to include the EXACT domain.
Again, exercise extreme caution. This is not something to be done lightly... but it IS effective!
Good luck, and good night!
~pS!~