Upgrade Storagewarning message from antivirus when I open Zotero about https://gh-proxy.com/
My antivirus gives me the warning below when I open Zotero. What is the problem?
Infected web resource detected
Feature:
Online Threat Prevention
We blocked this dangerous page for your protection:
https://gh-proxy.com/
Accessed by: zotero.exe
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
Thank you
Infected web resource detected
Feature:
Online Threat Prevention
We blocked this dangerous page for your protection:
https://gh-proxy.com/
Accessed by: zotero.exe
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
Thank you
I checked my zotero folders.
Should I try turning off each plug in separately and seeing if the message repeats?
Could it be a plug in I never actually installed due to the warning message but it keeps trying to install?
You could try going into your Zotero profile directory, opening the subdirectory called "extensions," and moving each of the .xpi files into another directory, restarting Zotero each time, until the message disappears.
But I don't think there's anything inherently wrong with a plugin connecting to that domain. Some Zotero plugin developers are in China, where the code hosting service GitHub isn't directly accessible, so they use that proxy domain instead. If you figure out which plugin is responsible, you could try getting in touch with the developer and asking them if they could distribute a version for non-Chinese users that doesn't use gh-proxy.com.
At the bottom of the dialog for this plugin there is a Select Source option:
https://s3.amazonaws.com/zotero.org/images/forums/u3058096/c5oeesshj9elj4oobuik.png
If you have it set to Auto it could use gh-proxy. I set it to GitHub and that stopped the calls to gh-proxy as monitored by our IT cybersecurity team.