Websites are Injected with the Script avg_ls_dom.js

A few days ago, I checked my blog’s HTML code and found out a serious issue. My website was injected with the script avg_ls_dom.js and I was very worried that my site could have been hacked. However, when I viewed source of some other sites, I also saw the script appear. There is no way this is a mass attack because I checked very popular websites and all of them are injected with the script also. I started to think that this is my computer’s problem and I was right.

This is actually a serious bug of the popular anti-virus program AVG 2011. In many cases, websites are flood with HTTP requests and they couldn’t be loaded properly, sometimes I even couldn’t access my website. The script is added to the header of all web pages and it look like this:

[html]<script type="text/javascript" src="/A2EB891D63C8/avg_ls_dom.js">[/html]

AVG is a great anti-virus software that I often recommend to my friends as it has both free and paid version. It has kept my computer safe and free from virus for years. I checked all of AVG components and it appears that the bug originates from the option Surf-Shield in the LinkScanner component. The Surf-Shield checks web pages in real time to identify malicious websites before you visit them, it would protect you completely by adding the script avg_ls_dom.js. The script then will report back to AVG to check links for you. It sounds like a good way to protect users when surfing, however, it could also affect users’ experience seriously. Sometimes when a lot of users with AVG access a particular site, you could see its loading time take very long.

If you can protect yourself from malicious links, you can fix the problem simply by disable the option Surf-Shield.

If you had the same issue with AVG, do you have another solution to fix it?