Closed Bug 416501 Opened 16 years ago Closed 16 years ago

DM antivirus scan not working after 408153 checkin

Categories

(Toolkit :: Downloads API, defect)

Product:
Toolkit
Component:
Downloads API
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: aja+bugzilla, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: qawanted, regression) 

Before someone asks, yes, browser.download.manager.scanWhenDone is defaulting to true.
Not that we need it or that it matters, but I can confirm this regression.

Jim / Rob: can you take a look?
> NG:
> http://hourly-archive.localgho.st/win32/20080208_1508_firefox-3.0b4pre.en-US.win32.zip
It worked on Windows Vista.
Per MS KB914922, IAttachmentExecute will call IOfficeAntiVirus only if Attachment Manager Group Policy object is enabled.
http://support.microsoft.com/kb/914922
Windows Defender will set the GPO. Windows Defender is bundled on Vista, but is optional on WinXP.
What about when you try to open the file?  Are you asked about it?  What version of XP do you have?
From what I'm reading about SP2, this appears to be the responsibility of the vendors. I found this article describing all the policy settings - 

http://support.microsoft.com/kb/883260

You are right though, the default is off until somebody turns it on. The question here is, should we ignore this setting and scan anyway? I'm not convinced that's the right approach. I think AVG should be turning this on when they install. IAttachmentExecute is simply "following the rules".
Jim, care to contact AVG and ask them about this?
FWIW at this point, XP OS is up-to-date SP2.

Windows Defender was installed until several months ago, when it was found to be
preventing AVG scans in DM (due to Defender having lower id than AVG).  Haven't reinstalled Defender since then. From then until 408153 patch, DM had been invoking AVG scans at download time, with AVG properly prompting at download of eicar files.

If a problem has been / gets opened with AVG, please post problem number here for tracking purposes, if possible. Thanks.
 
(In reply to comment #7)
> Windows Defender was installed until several months ago, when it was found to
> be preventing AVG scans in DM (due to Defender having lower id than AVG).
Just FYI, that's already fixed by bug 393305.
FWIW: Just tried after installing Defender, and Defender alerts correctly on download of the eicar zip.
Do we know what other AV apps do? Not blocking on the assumption that this is an AVG-only issue, but if we could get someone to do a quick survey of the other popoular apps (Norton, McAfee) and see if they set the policy that would help answer Jim's question in comment 5, that would help a lot. If it turns out that this affects everyone except Windows Defender, please renominate.
Flags: blocking-firefox3? → blocking-firefox3-
Keywords: qawanted
While neither:

* McAfee VirusScan Plus 2007
* Norton Internet Security 2008

write the IAttachmentExecute group policy into the following registry locations:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus,

they both show "Scanning..." UI progress-status with today's Minefield build.

So, although neither of these implement the older IOfficeAntiVirus interface (see bug 408153), they're finding a way to scan (they do respond to Rob's tool over in bug 415005); seems that comment 5 is more on-point than comment 3, based on my testing.

Jim: in which other ways can I help test?
Blocks: 443215
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → INVALID
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.