Closed
Bug 416501
Opened 16 years ago
Closed 16 years ago
DM antivirus scan not working after 408153 checkin
Categories
(Toolkit :: Downloads API, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: aja+bugzilla, Unassigned)
References
(Blocks 1 open bug, )
Details
(Keywords: qawanted, regression)
Since 408153 landed, antivirus scan is no longer performed. Test files at http://www.eicar.org/anti_virus_test_file.htm all slip through now. OK: http://hourly-archive.localgho.st/win32/20080208_1413_firefox-3.0b4pre.en-US.win32.zip NG: http://hourly-archive.localgho.st/win32/20080208_1508_firefox-3.0b4pre.en-US.win32.zip Checkins: http://bonsai.mozilla.org/cvsquery.cgi?module=PhoenixTinderbox&date=explicit&mindate=1202508780&maxdate=1202512079 Using AVG 7.5 Free Edition
Flags: blocking-firefox3?
Reporter | ||
Comment 1•16 years ago
|
||
Before someone asks, yes, browser.download.manager.scanWhenDone is defaulting to true.
Comment 2•16 years ago
|
||
Not that we need it or that it matters, but I can confirm this regression. Jim / Rob: can you take a look?
Comment 3•16 years ago
|
||
> NG: > http://hourly-archive.localgho.st/win32/20080208_1508_firefox-3.0b4pre.en-US.win32.zip It worked on Windows Vista. Per MS KB914922, IAttachmentExecute will call IOfficeAntiVirus only if Attachment Manager Group Policy object is enabled. http://support.microsoft.com/kb/914922 Windows Defender will set the GPO. Windows Defender is bundled on Vista, but is optional on WinXP.
Comment 4•16 years ago
|
||
What about when you try to open the file? Are you asked about it? What version of XP do you have?
Comment 5•16 years ago
|
||
From what I'm reading about SP2, this appears to be the responsibility of the vendors. I found this article describing all the policy settings - http://support.microsoft.com/kb/883260 You are right though, the default is off until somebody turns it on. The question here is, should we ignore this setting and scan anyway? I'm not convinced that's the right approach. I think AVG should be turning this on when they install. IAttachmentExecute is simply "following the rules".
Comment 6•16 years ago
|
||
Jim, care to contact AVG and ask them about this?
Reporter | ||
Comment 7•16 years ago
|
||
FWIW at this point, XP OS is up-to-date SP2. Windows Defender was installed until several months ago, when it was found to be preventing AVG scans in DM (due to Defender having lower id than AVG). Haven't reinstalled Defender since then. From then until 408153 patch, DM had been invoking AVG scans at download time, with AVG properly prompting at download of eicar files. If a problem has been / gets opened with AVG, please post problem number here for tracking purposes, if possible. Thanks.
Comment 8•16 years ago
|
||
(In reply to comment #7) > Windows Defender was installed until several months ago, when it was found to > be preventing AVG scans in DM (due to Defender having lower id than AVG). Just FYI, that's already fixed by bug 393305.
Reporter | ||
Comment 9•16 years ago
|
||
FWIW: Just tried after installing Defender, and Defender alerts correctly on download of the eicar zip.
Comment 10•16 years ago
|
||
Do we know what other AV apps do? Not blocking on the assumption that this is an AVG-only issue, but if we could get someone to do a quick survey of the other popoular apps (Norton, McAfee) and see if they set the policy that would help answer Jim's question in comment 5, that would help a lot. If it turns out that this affects everyone except Windows Defender, please renominate.
Flags: blocking-firefox3? → blocking-firefox3-
Keywords: qawanted
While neither: * McAfee VirusScan Plus 2007 * Norton Internet Security 2008 write the IAttachmentExecute group policy into the following registry locations: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus, they both show "Scanning..." UI progress-status with today's Minefield build. So, although neither of these implement the older IOfficeAntiVirus interface (see bug 408153), they're finding a way to scan (they do respond to Rob's tool over in bug 415005); seems that comment 5 is more on-point than comment 3, based on my testing. Jim: in which other ways can I help test?
Updated•16 years ago
|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → INVALID
Assignee | ||
Updated•16 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•