![[ Beasley Allen Law Firm Logo ]](http://www.beasleytech.com/wp-content/themes/system-unity/images/logo.png){kind=logo}
AVG Deceiving its Customers
Jason sent me a link the other day to warn about an issue with AVG new Search-Shield “feature”.
According to AVG’s website…
The new web shield checks every web page at the moment you click on the link to ensure you’re not hit by a stealthy drive-by download or any other exploits. All links on search results pages in Google, Yahoo, and MSN are analyzed and their current threat level is reported in real time before you click on the link and visit the site.
The problem with Search-Shield is that in order to work as advertised, AVG has to scan each and every search result that is displayed. This will cause a huge increase in traffic to millions of websites, even if the user never clicks on a search result.
To add insult to injury, AVG has disguised their software to mimic Internet Explorer 6 (IE6) traffic. So not only are webmasters forced to deal with the increased bot traffic from AVG’s software, now they have no way to tell fake traffic from legitimate users.
Daniel Brandt, who runs Wikipedia Watch, estimates that Surf-Shield traffic to the site has outstripped legitimate clicks by nearly ten times. In this graph, the pink line represents suspected Surf-Shield scans, the blue line legitimate clicks:
Today I began scanning through our log files looking for any suspicious traffic spikes that could be attributed to the AVG software. I found nothing out of the ordinary, so I decided to conduct a little experiment.
I downloaded and installed the free version of AVG Anti-virus (v8.0.138) on a test box. I then SSH’d into our web server and sat on the access log watching for incoming traffic, and searched for “southern injury lawyer“.
Our website, (www.southerninjurylawyer.com) came up in the search results with an icon next to it signifying that AVG had scanned the website and that it was “safe to proceed to this page.”
The problem is that AVG did NOT scan the website as claimed (see below). Matter of fact, AVG never touched the website that it claimed was safe.
Am I missing something here? I just don’t understand how AVG can scan the website without any trace in the access logs. So, what has your experience with AVG been?
