I have had a few HTML-Iframe-inf aborts in the past, but today on a Google search page at < http://www.google.com/search?q=Lidia+Bastianich+Beef+Chuck+Braised+in+Beer%2C+Whole+Grain+Spaetzle&ie=UTF-8 > almost every page was aborted. This can’t be right!

What is happening? They can’t all be infected can they.

Now I know something is wrong. I went back to a page that I had already visited successfully, on another Google search page, which was still running in another tab in Firefox, and avast aborted it too.

You are running a rather old version of avast!, so it is probably worthwhile to upgrade to the latest release 5.1.889. By abort, do you mean from Webshield? Have you done a reboot? Sounds like something has crashed.

Sorry I should have told you, but I am running 5.1.889, on the Dell.

Yes, Web Shield is responsible for these Aborts.

I cleared my cache and restarted Firefox, but did not reboot my system.

I rebooted my system, allowed the pages to reload in Firefox, and it is still aborting almost every page on that search. They are all different websites, so I feel avast somehow screwed up with it’s last update.

I exited that search page, cleared the cache, re-entered the same search subject. The first 8 loaded, but < pc-adapter.net/reachel/lidia-bastianich-beer-braised-beef.html and dalinah.com/portos/lidias-braised-beef-with-beer-recipe.html > were aborted and then on the next page the following pages were aborted < kempobond.nl/newbu/lidia-braised-beef-liguria.html and test.flintthompson.com/storyov/beer-braised-beef---lidia.html and dot.dobsonarts.com/figurezm/lydia-beer-braised-beef.html?ao=0 and gatewoodwitte.com/careve/lidias-braised-beef-with-beer-recipe.html and doubleeaglehorsefarm.com/starttb/lidia-braised-beef-liguria.html and siamview.net/singzl/braising-beef-with-beer-lidias-italy.html?ao=0 >. That is 6 out of 10 on that page.

Interesting results. With FF and IE I am also getting the aborts; no problems with Opera which I was using before or with Chrome. Which version of FF are you using? I’ll send this thread to support and see if they have any feedback.
UPDATE: BTW, what database version are you running in Avast!? I have 110207-0 .

I’m using FF v3.6.13. The avast database is the same as yours v110207-0 .

I get another interesting observation with these sites. Tried turning off Webshield, and then the Avast! Network Shield aborts it in FF. So Avast! appears to be getting different results based on the page rendering by the browser. Shouldn’t happen; bug of some sort-maybe in the database update?
Did send the thread to support; hope someone from Avast! looks at it soon.

I clicked on some of the websites listed in the Google search link above. I tried it both in FF 4b10 and IE9 Beta.

The results lead me to believe that there could be redirect or hijacking going on here with these websites so they are being blocked by AIS

Same here - it is indicating a redirect to a set up file

Until this is resolved, as far as I’m concerned, I’ll trust avast and leave these sites alone. I’ll wait a few days and see if the site managers are able to fend off the offenders.

Avast! still needs to take a look at it though, since they don’t see the problem in two of the browsers. Or did anyone manage to get a response using Opera or Chrome? If malware can bypass Avast! based on browser choice, this is a serious problem. Looking at the pages with Opera or Chrome rings no alarms of any kind, just brings up the page.

Avast! blocks that Google search with both IE9 and Firefox 3.6.13 for me, with Opera 11.01 however there is no reaction at all.

BTW, I believe these are FPs but have no way of verifying it. If you look at my signature, I also run Prevx with SafeOnline and Online Armor with Emsisoft antivirus and they did not react at all when I went to the sites with Opera and looked around. Always possible I didn’t try to access the right objects, but malicious websites are usually a bit more aggressive than that.

Most of the links on that Google Search page got redirected to the first URL/link when I tried it.

Hello,

it does not look like false positive - i tried some of the sites from the top of the results and they are redirecting to some FakeAV sites.

Alena Varkockova

Have you looked to see why Opera and Chrome don’t see a problem at all? It is either FPs in IE and FF or FNs in Opera and Chrome. Or do the other shields eventually catch it there also?

Latest Report:

1. Heard from Avast! support. They sent me a form letter saying to go back to 5.0.677 until they fix the problem, so don’t seem to be an avenue to look into it further.
2. Went to the first search item with Opera, no popups from Avast!, tried all the links, found nothing malicious.
3. FF blocks it with Webshield, if you turn off webshield blocks it with network shield. I’ll let Avast! turn off network shield and see why there is such a significant difference between the browsers.
   SO, is the conclusion that we should all use Opera or Chrome? : Thank you Alenka for looking into it.

Who has an installer for v5.0.677?

Saw an announcement on Comodo Site Inspector, which scans sites for malware, so ran the first of the urls on the search through it. Reported as safe, for what that is worth. ??? BTW, the “go to .677” looks like a stock answer, not an indication that the problem doesn’t occur there.