I have a website that offers downloads of programs including WordPress Themes and Plugins. When I test the downloads I get "Potentially Annoying Download Detected". I double checked all the download files and they are not infected. In fact I used McAfee to do the scan.
1) Why is the message appearing when the files are clean?
2) What can I do to get the message removed?
Moved this provisionally to SiteAdvisor for better support.
Your site is http://www.kevinsspace.ca/ I assume.
I'll let one of our SiteAdvisor experts answer you.
If the site is kevinspace.ca I'll look into it when I get back. Having a busy evening so far.
Thankyou
Yes that is my site.
Hi Hayton
I see you are busy running some tests on my site.....thankyou.
Finished. Have run some other tests. Composing the reply will take some time , + I've got a late supper burning in the oven
Stand by. Lots of screenshots.
Edit - Correction, not quite finished. The files that triggered warnings have to be scanned.
Message was edited by: Hayton on 03/11/13 04:52:11 GMTOkay, all done.
First, I ran a few of the usual checks on the site itself. Nothing much to report except that there's one invisible iframe (strongly deprecated) and a piece of javascript that was flagged as suspect.
http://quttera.com/detailed_report/www.kevinsspace.ca
As for SiteAdvisor and TrustedSource, they show a mixed picture for your site. SiteAdvisor has it as Grey (unknown or untested) but has tested links and at least one download. The data looks old, but even re-testing the site would not, I think, pick up the files from the Download section since to gain access to them involves several user-interaction steps including a Captcha.
Moving on to the site itself, you're running under the latest WordPress (3.7) but Sucuri gives a warning about one of the plug-ins -
http://sitecheck.sucuri.net/results/www.kevinsspace.ca
Wordpress internal path: /home/content/38/11061038/html/wp-content/themes/expressions/index.php
and you're sharing server spce with a number of other sites, some of which are flagged for reasons I did not investigate. This might have an impact on your site's rating at some time in the future - if the site rating goes Yellow, that's the reason.
http://www.urlvoid.com/scan/kevinsspace.ca/
All of that was just standard site checking, and is not relevant to the main question. And so to the downloads.
As you saw, I was able successfully to download a number of zip files. Some of them were blocked from completing their download, not by McAfee or by SiteAdvisor, but by Google Chrome. The reason for the blocking was not adequately explained (lack of space) and the web page to which I was directed did not address this particular circumstance. I left Google some feedback about that.
These were the downloads that were blocked.
I forced completion of each of those downloads. When everything was downloaded and saved I scanned the whole set of downloads, first with McAfee and then with Malwarebytes. Neither reported any problems.
Then I uploaded each of the zip files to VirusTotal and scanned it there with a range of antivirus scanners. Only two zip files did not pass the test completely : CryptogramSolver.zip and SudokuSolver.zip - both of those were flagged by Symantec as "Suspicious.Insight" (Risk Level = Very Low).
So there appears to be nothing McAfee is doing to block your files. I haven't tried this in any other browsers so I don't know whether Microsoft, for instance, would block those files because of feedback from Smartscreen Filter. All I can say is that Chrome, at least, is picking up a warning about them from somewhere, so somewhere they are flagged as suspect. Not dangerous - Chrome would have a much more alarming blocking page for that - but low-risk-suspect.
Let me know if there is anything else I can help with and -time permitting - I'll see what I can do.
Hi Hayton
Wow ! I can't believe the effort you've put in to help me .....thankyou!
In Chrome the three zip files that were blocked were old visual basic programs I developed a few years ago. They contain unsigned executables so I suspect that may be the problem. I have decided to take those downloads off the site.
I fixed the frameborder problem and re-scanned with Quttera and everything was fine including the suspect jquery script, which I did not change. It is a popular script to access and set cookies.
Still outstanding :
1) I have tried everything out there to get rid of the WordPress internal path warning in Sucuri SiteCheck, but nothing works.
2) It looks like Chrome and Opera are downloading with out a problem but Firefox and IE10 continue to give the Siteadviser "Potentially annoying Download Detected" warning in Firefox?
New question :
I've also tried to submit the site for review through McAfee, but the verify won't work. I have tried with and without the .htacces active. Any ideas?
kevinhaig wrote:
Hi Hayton
Still outstanding :
1) I have tried everything out there to get rid of the WordPress internal path warning in Sucuri SiteCheck, but nothing works.
2) It looks like Chrome and Opera are downloading with out a problem but Firefox and IE10 continue to give the Siteadviser "Potentially annoying Download Detected" warning in Firefox?
New question :
I've also tried to submit the site for review through McAfee, but the verify won't work. I have tried with and without the .htacces active. Any ideas?
1 : I've seen several sites with a similar Sucuri warning. It's a WordPress configuration issue, and I'm not expert enough with WordPress to recommend any fixes. I say leave it for now.
2. Firefox and IE : which files get the download warning?
New question : verification not working - what error message do you get?
All my downloads are giving this message :
Site verification error
Could not verify the Web site file
http://kevinsspace.ca/ea78c64acb440a59ab0ae6f0df403fbd9ab10d43.html
for the Web site kevinsspace.ca. Please be sure you have placed the verification file in the root Web directory of your site without changing the contents of the file, using the exact file name listed above.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: