Recently started to delete downloads claiming 'virus or spyware'.
Last two days, some of the download have been started to be deleted by saying that 'Blocked: may contain virus or spyware' error message, at download window. The subject downloads are .pdf files, or partial .rar files. This is a new development. Never happened before. I am looking a way to get rid of this recent behavior.
Chosen solution
Hi FredMcD, I think it's the feature discussed in this thread, screen shot in the second-to-last post: False positive on docx from facebook.
Ler a resposta no contexto 👍 1All Replies (16)
Firefox uses data from Google's "Safe Browsing" project to assess the reputation of websites and downloads. Every so often Google changes the data it supplies, for example, it may be flagging potentially unwanted programs in addition to actual malware.
For the future, the developers are considering an option to override the block and get the file anyway. It probably will be at least a few months before that appears because security-sensitive changes take time to design.
For now, if you think these file blocks are "false positives" and that the files actually are safe, you could do one of the following:
(1) Download the file using a different browser (yikes)
(2) Download the file using a downloader add-on that bypasses this security check. I heard about this in another thread but haven't tried it myself (and also, I don't know which add-ons to trust for this!).
(3) Disable the Safe Browsing feature temporarily to get the file, then turn it back on. There is a checkbox in the Options dialog:
"3-bar" menu button (or Tools menu) > Options > Advanced
On the Security tab, it's the "Block reported attack sites" checkbox. The other checkbox relates to phishing sites and I don't think it affects downloads.
Sorry I don't have a better suggestion at the moment.
Are you using any download managers? Mine has a setting asking to scan files after downloading. Check if you have this. Example;
extensions.downloadbar.automaticviruscan;false
What is it that is removing these files? Firefox, or your anti-virus?
Chosen Solution
Hi FredMcD, I think it's the feature discussed in this thread, screen shot in the second-to-last post: False positive on docx from facebook.
mebatur said
Last two days, some of the download have been started to be deleted by saying that 'Blocked: may contain virus or spyware' error message, at download window. The subject downloads are .pdf files, or partial .rar files. This is a new development. Never happened before. I am looking a way to get rid of this recent behavior.
THANK YOU for all your replies. I have ticked out the 'Block reported attack sites' and the 'Block reported web forgeries' check boxes. I do not know whether this will help, since it has started out of blue by itself, without me making any configuration changes. I am using Chrome now, without any problems. Thank you again.
Hi mebatur, just to be clear, I only suggested unchecking the box when you know you need to to get a trusted file but keeping it checked at other times. Otherwise, you expose yourself to unwanted sites and downloads.
Please help....My problem started last night as during the day I downloaded from same site and there was no problem I have not altered any changes to Firefox except updating on Friday to 36.0.1. This is annoying as downloading with the dreaded IE I did not have the problem the files stopped by Firefox was downloaded by IE , I even disabled my antivirus with no effect and have now tried your suggestion about unchecking ...blocked reported attack sites and it works I can down load again so is there no other work around besides unchecking that box...thanks in advance
itekweni modificouno o
I had the same problem.
The probable reason for that annoying behavior: Firefox updates allegedly malicious sites' data to the users' browsers (without asking first, and/or back recovery alternative). Data is supplied by Google.
How I get around it: Tools -> Options -> Security tab -> Uncheck the tick boxes 'Block reported attack sites' and 'Block reported web forgeries'. Use Chrome until you are sure You get rid of this annoyance.
These allegedly 'security measures' are useless (since I had several highjacking, while they were on), and I had to clean the mess manually. They only work by the data provided by Google, while Chrome browser is working perfectly for the same download address!
Browser designers have not had the decency to provide 'ask first' provision, in case of false positives.
Good luck, cheers.
Thanks for your response looks like I might have to migrate away from firefox as they becoming too fancy..I already have Kasperskey and Malwarebytes installed on my pc so do not need a browser to supply these for me...thanks again for response
mebatur said
How I get around it: Tools -> Options -> Security tab -> Uncheck the tick boxes 'Block reported attack sites' and 'Block reported web forgeries'.
This is very dangerous. Please leave these turned on.
There are a number of web sites that can lock any browser that lands on them. This add-on can stop such pages; disallow Script Button {web link} The Disallow Script button looks like a letter "M" and the title is the Minus Script, drag and drop the button on a toolbar. If the button is not displayed then nothing operates, except rules for plugins.
FredMcD modificouno o
mebatur Thank you for the input and I have added the disallow script button and I only use the unchecked " block attack sites" when downloading from a secure site which for some reason fro last night firefox has started to block my downloads and once I have finished downloading I check it again so as to be able to surf safe.
If this is being done based on the URL, why is the browser even downloading the file when it is only going to delete it when it is done? That is just ... stupid. Pop up a message saying it won't download it because [insert whatever inane reason here] and/or give the user the option to override it. After all, this video clip I am after is from a trusted source and is a video. Period.
John99 modificouno o
I have the same problem. New in the last 3 days. Sometimes, it clears after a few hours.
Being no expert, I don't have a solution. But analytically, I could also easily believe that a security feature is being purposefully misused through (or even by) Google etc. for censure or "copyright protection" or whatever...
In any case, this being totally new, someone has done something wrong in the chain in the last few days, probably inserted an ill-designed rule.
Cor-el provided the perfect link to ghacks.net. Very complete and accurate explanation for idiots like me.
The easy solution is indeed to untick the two Block boxes in options> security and refrain from general browsing while downloading the problem files. Then reactivate blocking. Thank you cor-el, and indirectly ghacks!
That was very good work. Well Done. Please flag your last post as Solved Problem so other will know.
I have this problem when downloading zip files from a cloud file storage site (e.g. uploaded.net). The zip files I am downloading contain only non-executable content (e.g. text files, jpg images) and were uploaded by a trusted source. Apparently, some hacker(s) post(ed) malicious executable content elsewhere on the same cloud storage site, thus giving the entire site a bad name. For Firefox to block all ZIP files from that site because of that is short-sighted and just plain wrong.