Bypass Firefox's Blocked: May contain a virus or spyware message

Martin Brinkmann
Nov 19, 2014
Updated • Mar 20, 2015

Google Safe Browsing maintains a list of files, sites and pages that the company has flagged as malicious. The product has been in use in the company's own Chrome browser for some time and recently implemented in the Firefox web browser as well.

Firefox handles the checks different than Chrome. Instead of communicating directly with a Google server whenever a user of the browser attempts to access pages or download files, it is checking a local copy of the blocklist first and will contact the server only if a match is found.

This is done to verify the claim and make sure that the file or site is still on the Safe Browsing list.

The big issue with Safe Browsing is that you can run into false positives easily. One developer who is plagued by this a lot is Nir Sofer.

When I tried to download Facebook Cache Viewer earlier today for example I received the message in Firefox that it was blocked.

Blocked: May contain a virus or spyware

A similar message is displayed in Google Chrome (xyz is malicious, and Chrome has blocked it).

firefox blocked file

While Chrome offers an option to download the file anyway on chrome://downloads/, Firefox does not offer options to recover the file.

Note that Firefox scans files only on Windows and not in other operating systems it is compatible with.

Here is a short list of options to download blocked files in Firefox

  1. Use a different browser that does not rely on Google's Safe Browsing technology. Internet Explorer or Opera come to mind, and even Chrome works as you can recover file downloads.
  2. Disable Safe Browsing in Firefox. This can be done in the preferences as described here. It is alternatively possible to set the preferences browser.safebrowsing.enabled and browser.safebrowsing.malware.enabled to false on the about:config page.
  3. Use a download manager to download files instead of Firefox directly. A good free program is Free Download Manager.

It is unclear why there is no option to override or bypass flagged downloads to download files anyway even if they are flagged by the browser similar to how Google Chrome handles that.

There is a bug report for that but it has not received a response yet.

Now You: How do you handle blocked downloads in Firefox`?

Bypass Firefox's Blocked: May contain a virus or spyware message
Article Name
Bypass Firefox's Blocked: May contain a virus or spyware message
Firefox is using Google's Safe Browsing technology to vet file downloads on Windows. If a file is flagged the download is blocked and cannot be completed.

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Martin Brinkmann said on October 6, 2018 at 3:07 pm

    Please send me an email using the Contact page on this site so that I can verify that you are the owner of the address. I enable the newsletter for the address manually then. Sorry for the inconvenience!

  2. jai daemion said on October 6, 2018 at 2:50 pm

    Note: in trying to subscribe to your newsletter, i get to a small window which says “we just have to make sure you’re a person” – a blank space below that and then a “subscribe” button. No captcha appears. what to do?

  3. Jack said on April 2, 2016 at 3:10 pm

    I noticed this function for the first time today. Obviously, you can unblock those blocked downloads,
    by simply opening the Download window, right clicking on the file in question and selecting unblock.
    So it’s not a big deal – at least in my version of Firefox (version 45 on Linux). What concerns me more
    is the privacy issue. So each time find finds some suspicious file (false positive or not) it checks
    Google’s servers if the file is still one the Safe Browsing list? Really? That means it’s basically
    telling Google what I’m downloading, even though I’d never install Chrome, never use the Google
    search engine and use Firefox in privacy mode all the time, because I’m concerned about my privacy.
    I’ll better turn off “Safe” browsing. Thanks for the article.

  4. BC said on July 26, 2015 at 10:39 am

    thank you for info how to disable this annoying blocking feature.

  5. Ray said on March 30, 2015 at 2:26 pm

    I have had 4 pdfs and one executable file (totally legitimate) blocked. The fact that you cannot unblock them is so frustrating. I disabled the safe list temporarily to see but this remains a feature which should be implemented differently (at least include a button to bypass)

  6. gloomood said on March 26, 2015 at 2:02 pm

    NO LIFETIME for shitty browsers !

  7. Uhtred said on March 24, 2015 at 12:11 am

    encountered my first “blocked download”, notified within last second or so.
    so sadly seems no change/update yet made for 36.0.4

  8. Fred McDonald said on March 20, 2015 at 3:58 pm

    The Mozilla bug report;
    was closed as a duplicate. It is now;
    Bug 1068656 – Implement new Downloads Panel item state for items that can be unblocked

    1. Martin Brinkmann said on March 20, 2015 at 4:55 pm

      Thanks Fred, I have changed the link to reflect that.

  9. ??Whatthe?? said on March 18, 2015 at 1:41 am

    Two words.

    Firefox Uninstalled

  10. SK said on March 9, 2015 at 6:39 pm

    Yep Firefox 36 on Linux just blocked a file after I spent an downloading it. Maddening that it does this AFTER I waste so much bandwidth downloading it, AND with no option of overriding. Turning off this piece of crap safe browsing ASAP.

    1. 123 said on March 13, 2015 at 2:36 am

      yes, it’s just a piece of sh*t!!!!

  11. Xav' said on March 8, 2015 at 10:37 pm

    Firefox 36 on Linux just did this to me. Download a file for 2 hours then deny me access to it with this idiotic message. Totally unacceptable.

  12. Former firefox user said on March 8, 2015 at 12:01 am

    I hope the legitimate companies whose software was blocked sue Google and Firefox for this collusion and clear antitrust violation that they have taken for no other reason than to stifle competition and enrich themselves. I don’t know who is running Mozilla right now but every action and update they have made these last couple of years has been worse than the one before it. It is almost like they are intentionally trying to destroy what was once a wonderful product; that or they are seeing how far they can push the average user before they come to their senses and start to complain or change products.

    I think that this and the whole forcing upgrades of Adobe Flash is just to earn them money and are clear infringements of antitrust laws. I would uninstall Firefox (and Chrome) before they start selling your browsing history to advertisers (if they don’t already). This company has no morals anymore and shouldn’t be trusted; I fear there will likely come a point where they will try to cash out and simply sell everyones credit card and other personal information to hackers.

  13. Stupid said on February 28, 2015 at 9:52 am

    What a crap! Blocks PDFForge which is open source.
    WTF blacklisted PDFCreator ?!?
    Inactivated this shit, a good reason to go back to IE, inactivated this shit!!!

  14. Doc said on November 22, 2014 at 11:51 pm

    “Google Safe Browsing … has been in use in the company’s own Chrome browser for some time and recently implemented in the Firefox web browser as well.”
    The Google Safe Browsing feature has been in Firefox for years; only the malicious file list is new.

  15. Ronald said on November 20, 2014 at 7:25 am

    I, too, have both turned off. Waste of bandwidth. I’m careful not to download from shady web sites, careful about clicking on links in e-mail, etc. Haven’t had a virus alert in twenty years. Probably should get rid of my anti-virus software as well.

  16. David said on November 19, 2014 at 11:34 am

    Same here. People who read your blog don’t use Safe Browsing ;)

  17. Tom Hawack said on November 19, 2014 at 11:06 am

    Here I’ve always had browser.safebrowsing.enabled and browser.safebrowsing.malware.enabled set to false.
    I wouldn’t advise these settings for a user who is starting to discover the Web and is not equipped with system-wide security or at least Firefox security tools.

    Concerning Nir Sofer (aka NirSoft) applications, this comedy has been lasting for years. Everyone knows, the planet knows NirSoft applications are healthy, pertinent, safe. Why the heck does it take so long for Google to acknowledge is beyond my understanding.

    Last but not least, theses above settings when set to true (default) also slow down the rendering, even if slightly. With a good security infrastructure just set them to off is my advice.

    1. jasray said on November 19, 2014 at 5:23 pm

      Tempted–“Last but not least, theses above settings . . . ”

      Hmmm . . . how about proofing your own writing first and let Martin proof his writing.

      1. Tom Hawack said on November 19, 2014 at 5:55 pm

        Come on, don’t be childish :) I hope, I even believe having been understood, even by you!
        The point here is not to apply for a job in the latest East coast gazette!
        Are you snob or plainly an upstart crow?! And remember that English is not the mother-tongue of all. Remember or figure it out.

  18. Cattleya said on November 19, 2014 at 10:23 am

    I never use Safe Browsing, it is totally crap, slow down my browser, I just use AdBlock software like Privoxy to filter harmful javascript function and force them ask before execute and I never get any virus even I never use antivirus too.

    1. Doc said on November 22, 2014 at 11:51 pm

      You don’t install antivirus software? Then you’re a fool. Viruses don’t just come in through unsafe browsing, there are flaws in Windows (and other operating systems too – remember the Java flaw that was exploited in Mac OS X?) that allow malicious software into the system.
      I once maintained a Windows 2000 Server installation (state of the art at the time!) that was used only for serving files and printers, never used to surf the Web; it had no antivirus because there was no budget to pay for server-grade antivirus (blame management, not me!) It wound up with bogus user accounts, MIRC bots, and probably was used to send spam – even though I was the only user, and I only used it once a month to burn backup DVDs.
      Despite what Symantec is saying, antivirus is essential, and the need for it won’t go away. Windows Defender and Microsoft Security Essentials are only a stopgap for fools that don’t think they need “full” antivirus – even Microsoft says so.

      1. Smartguy123 said on March 8, 2015 at 8:17 pm

        Drop the tinfoil hat, the NSA is not sending viruses. You certainly did something stupid to get that virus.
        I stopped using anti-viruses for 6 years now. Never got another virus ever since, except for one time I had to open someone’s pendrive, nothing malwarebytes couldn’t solve.
        Main key to not get a virus: Download your porn and games from trust-able sources.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.