I'll make a preview on how i think it should look like.
As for the HTTPS Everywhere extension. On one end, yes, you prevent Web Shield from scanning the connection but then again but on the other, with HTTPS you make sure that there is no injected content along the way and that the web site is trusted. I'd say it's very unlikely that such webpage would be infected though i won't say it's not possible. In that case File System Shield and Auto Sandbox should do the trick.