Thanks for filling the issue...!

Unable to reproduce the issue on reported chrome version 69.0.3497.23 using Windows 10. Attaching screen-cast for reference.
Steps:
---------
1. Launched reported chrome
2. Navigated to given URL " https://www.google.com/chrome/ " 
As we are able download the file 

@Reporter: Requesting you retry this issue on other machine which is not having " ESET Smart Security " and with fresh profile without any extensions/apps or reset all the flags. Let us know if issue still persists.

Thanks..!

Deleted: 870998.mp4 3.8 MB

	870998.mp4 3.8 MB View Download

Yep, still occurs for me. Unfortunately I do not have a Windows machine without ESET to test, only MacBook Air (problem does not occur there, but I don't think it's good material for comparisons in this case :)

I tried disabling ESET or whitelisting Chrome in it, but all downloads still fail with the same message.

Thank you for providing more feedback. Adding the requester to the cc list.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

A little more info - I googled a little bit today about this issue and found out some advice to edit registry to fix this and it helped.

Changes made:
Change ScanWithAntivirus value to 1 (from default 3) at HKEY_LOCAL_MACHINE >SOFTWARE >Microsoft >Windows >CurrentVersion >Policies >Attachments

 Issue 871047  has been merged into this issue.

Thanks for your feedback..!

As per comment #5 that your troubleshooting is helped for this issue.Could you please let us know shall we close this issue.

Thanks..! 

Yeah, but the solution is to disable AV scan of attachments and downloads for all apps in Windows that use this setting from what I understood from description of this policy.

So I don't think this is a proper fix. Especially that it worked without disabling this before. 

Thank you for providing more feedback. Adding the requester to the cc list.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Agreed. This is clearly a regression and disabling AV scan setting in the registry cannot be the long-term fix.

As per comment #9, Requesting in-house installers team to check this once with the antivirus mentioned and help in further triaging. Adding TE-NeedsTriageFromHYD label to it.

Thanks..!

One more detail - I have Windows 10 Pro April 2018 update. 

Hi. Could you provide a screenshot of whatever it is that you see when a download fails? This will help us make sure that we get the right folks to take a look. Thanks for your help.

Sure, here it is (message from the title was my translation from Polish, now I switched language to English US, so wording is a little different :)

Deleted: Zrzut ekranu 2018-08-08 17.17.32.png 16.1 KB

	Zrzut ekranu 2018-08-08 17.17.32.png 16.1 KB View Download

Another detail, I have ESET Internet Security 11.2.49.0.

Maybe this is an issue with virus scan software, needs to confirm though

I have Kaspersky and I am having the same issue. My Kaspersky is not even running when this happens. 

I cannot download anything with Chrome.  I have no problems with Microsoft Edge or Firefox browsers.  I have paused my anti-virus software (Kaspersky) and this makes no difference - still can't download any files (executables or .jpg).  I have reset browser (cleared cookies etc) - no effect. Not happy with possible workaround of amending Registry - this is no fix.  I have attached a screen shot.

Deleted: Google Chrome problem with downloads.jpg 354 KB

	Google Chrome problem with downloads.jpg 354 KB View Download

I have tried on a different desktop with Chrome - no problem.  Looks like an issue with Chrome on my machine.

Tested in chrome #69.0.3497.23 on win 10.0 and not able to reproduce the issue from TE end.Hence adding the respective label for it to  triage further.

Removing Needs-Bisect label as of now and please add if its required.

Thanks in Advance.

 Issue 875615  has been merged into this issue.

 Issue 875672  has been merged into this issue.

 Issue 875679  has been merged into this issue.

There seems to be many user reports of this coming from different chrome versions. Adding network related component as well for further debugging, as this is not repro in the corp/non-corp n/w tested in C#21 and C#2.

"RBS" for tracking purpose as multiple bugs are getting dupe as this bug.

The issue is due to the attachment service on windows, not related to antivirus softwares.

IAttachmentExecute::Save may delete the file due to some reasons, possibly a dup of http://crbug.com/153212

For affected users, can you check if the workaround in crbug/153212 works? Want to check if this is the same issue

"Start->run regedit
Find this key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
Set ScanWithAntiVirus to 1."

I can confirm said workaround works.  Also, see comment #5.

Firefox exposes an option to disable blocking dangerous download, maybe Chrome can add that setting too

nancygao@, do you think this is something we need to do?

Yes, to confirm, workaround in crbug/153212 works but I'm not comfortable to make this change permanent as:
a) why is this only affecting my machine (I have another desktop machine on Windows 10 that does not have this issue
b) the fix appears, prima facie, to reduce security on my machine

I need to understand why this interaction between Chrome and the Windows Attachment Service has suddenly affected my machine - and only my machine.  I have run various checks and I can't detect any changes to my Windows 10 configuration.  Kaspersky is not reporting any virus infection when performing a full scan.  (I haven't checked in detail for differences between the desktop that has this problem and the desktop that does not have this problem... where to start?)

This is causing me to use Firefox in the interim and I will switch permanently if a full solution is not found soon, despite the issues this will cause me.
I have not made any changes to the Firefox configuration.

I'm having the same thing happening on my machine. Let me know if there's anything I can do to help debug this. Disabling the attachments security scan indeed makes the problem go away.

I've been told Nathan Parker is investigating those.

This is the content of the chrome://version page:

Google Chrome	70.0.3528.0 (Official Build) canary (64-bit) (cohort: Clang-64)
Revision	354e37b4e7e3c9faacf4837f19c2ff88d6e61dda-refs/branch-heads/3528@{#1}
OS	Windows
JavaScript	V8 7.0.242
Flash	31.0.0.96 C:\Users\pmonette\AppData\Local\Google\Chrome SxS\User Data\PepperFlash\31.0.0.96\pepflashplayer.dll
User Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3528.0 Safari/537.36
Command Line	"C:\Users\pmonette\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --profile-directory="Profile 1" --flag-switches-begin --enable-features=ExperimentalUi --flag-switches-end --isolate-origins=https://chromium.org/,https://corp.googleapis.com/,https://storage.googleapis.com,https://ajax.googleapis.com,https://fonts.googleapis.com,https://googleplex.com/,https://googlesource.com/,https://youtube.com/,https://google.com/,https://googleacquisitionmigration.com/,https://googleusercontent.com/,https://googleprod.com/,https://nest.com/,https://myworkday.com/,https://chromiumapp.org/,https://lucidchart.com/,https://service-now.com/,https://concursolutions.com/,https://salesforce.com/,https://gcorppartners.com/,https://morganstanley.com/,https://schwab.com/,https://qualtrics.com/,https://ultipro.com/,https://google.secure2-enroll.com/,https://googlegroups.com/,https://google.secure.force.com/,https://ebenefitsnow.com/,https://firebase.com/,https://elo.plusrelocation.com/,https://anthem.com/,https://g.viapeople.net/,https://gdjap.com/,https://asana.com/,https://perquisite.net/,https://postini.com/,https://perkhub.com/,https://gstave.us/,https://geolearning.com/,https://lecorpio.com/,https://inverify.net/,https://preceda.com.au/,https://secureacceptance.cybersource.com/,https://solium.com/,https://fgvms.com/,https://ridecell.com/,https://tds.ie/,https://sprinklr.com/,https://smartsheet.com/,https://fieldglass.net/,https://dochub.com/
Executable Path	C:\Users\pmonette\AppData\Local\Google\Chrome SxS\Application\chrome.exe
Profile Path	C:\Users\pmonette\AppData\Local\Google\Chrome SxS\User Data\Profile 1
Variations	c134752e-efd95b9c
2c707b42-1d74b6d3
411b6d4e-3f4a17df
fe69e053-f23d1dea
9d7f502c-46eeaf2f
d01ab0d3-ca7d8d80
3e006338-f23d1dea
1a0d11d4-f23d1dea
16e0dd70-3f4a17df
b7e2524c-ca7d8d80
3cd9377c-aed099c4
da89714-4ad60575
64da5c1e-f23d1dea
b1681d28-1410f10
61832c80-f23d1dea
cc20827f-ca7d8d80
9041608a-f23d1dea
5852bcb0-a75ab0e
241fff6c-2ebc7cb
6025934e-3f4a17df
c27fec31-c982d8da
7c1bc906-b5809d46
47e5d3db-3d47f4f4
125b7f68-65bced95
d442dfb7-41afa35c
9ca1387e-3f4a17df
41e765a5-3f4a17df
1149accc-65bced95
6557d030-f23d1dea
ab3d6cfd-3f4a17df
34d450b1-e9aea2ba
f75ce29e-f23d1dea
a582a1b8-ad75ce17
495970ba-ca7d8d80
3042ad4b-864de28a
e56c5101-ad2fa222
e463c247-6ab49ebf
44827ee5-43146c13
edbcf7c5-30e2427e
5485fc4d-3d47f4f4
de47491b-33c3eba5
9773d3bd-ca7d8d80
93731dca-e89d496c
41f007f9-f23d1dea
9b4c4257-592e7888
43f62d3b-f23d1dea
9890128a-f23d1dea
c992f345-4ad60575
9e5c75f1-e406a769
350fabdd-34b13816
6fa07eb4-f2718d9f
f2fd8aaf-ca7d8d80
f79cb77b-3f4a17df
2ca9c26b-3f4a17df
7a5ba892-f23d1dea
d1cd70a5-f6fbb08e
4ea303a6-7fa1197f
6e6e0c7e-bfd1fe3
95876445-d72456e7
d92562a9-65bced95
7aa46da5-c946b150
74c3667-c40fe774
dc5b1f29-dc5b1f29
2c1d398c-3f4a17df
de52c077-65bced95
cc54eb06-3f4a17df
cac0a91c-77662737
58a025e3-36e97b2c
ad6d27cc-7075cd8
df072bba-44dc0b8
f242806f-5810b593
f3ea30a0-ad39de72
23496387-4ea78229
5a42b5d9-3f4a17df
344833e9-1525b35b
4bc337ce-4077d4f3
caaf551e-3f4a17df
9a2f4e5b-3fe9c4dc
494d8760-52325d43
3ac60855-3ec2a267
f296190c-75cb33fc
4442aae2-a90023b1
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-e1cc0f14
e2b18481-9d9eea77
e7e71889-e1cc0f14
f9e5da91-f23d1dea
6e3b857e-719f2123
6a51bb09-ca7d8d80
308674c4-ca7d8d80
e4eef83b-3384fa37
94e68624-3f4a17df
cc73f8a1-a3a14831
b4e8892d-3f4a17df
10a311eb-f23d1dea
8834fcca-f23d1dea

from crbug.com/153212, the root cause of the issue can be:

"- Downloads were blocked by security policy:

  Check whether the security settings are set correctly. See: http://support.microsoft.com/kb/174360. For example: if a website is in a zone with a high security level (Restricted Sites zone), then downloads will be disabled from that website.

- Malware:

  Check for malware. In one case a DLL associated with malware was registered as implementing the IOfficeAntiVirus interface. Attachment Services invokes all such implementations on the user's machine in order to scan a downloaded file. The DLL was blocked by the system causing the scan to fail and the downloaded file to be deleted.

- Misconfigured or malfunctioning anti-virus programs.

- Registry corruption:

  In at least one case, the cause was corrupted or missing registration information for CLSID_InternetSecurityManager. Running 'regsvr32 urlmon.dll' could resolve this.

- Disk corruption:

  Failure to load and execute an IOfficeAntiVirus implementation due to disk errors caused the scan to fail."

However, this doesn't explain why the download will fail on Chrome while not on firefox and Microsoft Edge.

I assume all browser are running the 64-bit version.

Are all users using ESET?

Are there users who are using some other AV product?

#31 mentioned Kaspersky.

I'm using Kaspersky

I'm using Sophos Home.  (Also, 64-bit Windows/Chrome)

M69 Stable promotion is coming VERY soon. Your bug is labelled as Stable ReleaseBlock, pls make sure to land the fix and request a merge into the release branch ASAP. Merge has to happen latest by 4:00 PM PT Friday (08/24/18) in order to make it to next week stable cut. Thank you.

Asanka@ has provided a tracing tool to diagnose the issue, i am able to build the tool on windows. Affected users, can any one of you run the attached diagnose tool and see if things work fine?

The instruction for the tool is here:
https://github.com/asankah/dwimd

I'll need a plain english translation for the "M69 Stable promotion... " message.

dwimd.exe...

Windows protected your PC
Windows Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

Kaspersky didn't see any risks with the executable.  

Perhaps Windows Defender is not turned off?  Could this be the cause of the issue with Chrome?

running dwimd.exe produced the following error messages

the code execution cannot proceed because MSVCP140D.dll was not found.  Reinstalling the program may fix this problem.

pressing ok reveals further error message

The code execution cannot proceed because VCRUNTIME140D.dll was not found. Reinstalling the program may fix this problem.

and 
The code execution cannot proceed because ucrtbased.dll was not found. Reinstalling the program may fix this problem.

#42, I think this is because i need to link the dlls into the exe

You can try the new exe file attached, it should have the libraries linked

Deleted: dwimd.exe 1.1 MB

dwimd.exe 1.1 MB Download

Ran dwimd
No failures detected
see output from execution attached.

Deleted: Output from dwimd.jpg 55.7 KB

	Output from dwimd.jpg 55.7 KB View Download

My results:

Test parameters:
  path = D:\Download\test_download_389238.zip
  url  = http://www.example.com/download

Running test: AV Scanners

  Running test with {13B65A91-FC6A-4FD8-B042-60B788FEB89C}
      Name: DmonObject Class
      Path: C:\Program Files\ESET\ESET Smart Security\DMON.dll
    Scanner returns 0 (S_OK. The scan was successful.)
    Time elapsed: 16ms
  Done

Running test: Attachment Policy
    Invoking Attachment Services
    IAttachmentExecute::CheckPolicy() returned code 1 (S_FALSE. Prompt)
    IAttachmentExecute::Save() returned code 0 (S_OK. The scan was successful.)
    Time elapsed: 47ms
  Done

Summary:
No failures detected.

My results:

PS C:\Users\Matthew\Downloads> .\dwimd.exe
Test parameters:
  path = C:\Users\Matthew\Downloads\test_download_389238.zip
  url  = http://www.example.com/download

Running test: AV Scanners

  Running test with {451366AB-D055-4587-80F5-8D20D972FAD1}
      Name: SophosOfficeAVImpl Class
      Path: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosOfficeAVx64.dll
    Scanner returns 0 (S_OK. The scan was successful.)
    Time elapsed: 16ms
  Done

Running test: Attachment Policy
    Invoking Attachment Services
    IAttachmentExecute::CheckPolicy() returned code 1 (S_FALSE. Prompt)
    IAttachmentExecute::Save() returned code 0 (S_OK. The scan was successful.)
    Time elapsed: 15ms
  Done

Summary:
No failures detected.

Thanks for running the diagnostics! The purpose of the tool is to evaluate the overall health of the Windows Attachment Manager which is the component that's currently failing when Chrome invokes it.

If the tool says "No failures detected", then the Attachment Manager is fine and the causes mentioned in #33 and issue 153212 don't apply.

The Attachment Manager invokes each registered AV product in turn and asks them to evaluated the file that was just downloaded. If *anything* goes wrong at this phase, the AM assumes there's something wrong with the file and deletes it.

So the next thing to check is third party DLL blocking. This is the next most likely thing to go wrong.

Could someone who's affected by the bug do the following:

  1. Open Chrome (should already be the case since you are looking at this)
  2. Visit chrome://conflicts (might take a while)
  3. Verify that it says "ThirdPartyModulesBlocking feature is enabled".
     If it says "ThirdPartyModulesBlocking feature is disabled", (note "disabled"), then we are looking at something else. Let me know.
  4. Close all Chrome windows. (should copy these instructions to Notepad or something.)
  5. Start Chrome with the following command-line flag (I'll explain how below):

       --disable-features=ThirdPartyModulesBlocking,IncompatibleApplicationsWarning

     i.e. if you are running Chrome Beta, your commandline would be something like

       "%ProgramFiles(x86)%\Google\Chrome Beta\Application\chrome.exe" --disable-features=ThirdPartyModulesBlocking,IncompatibleApplicationsWarning

     (all in one line)

     The command-line for Chrome Canary would be

       "%LocalAppData%\Google\Chrome SxS\Application\chrome.exe" --disable-features=ThirdPartyModulesBlocking,IncompatibleApplicationsWarning

     For most users, just copying one of the above command lines to the Run dialog (invoked via <Windows>-R) should be sufficient.

   6. Go to chrome://conflicts again. Verify that it says "ThirdPartyModulesBlocking is disabled"

   7. Download something.  

hmm. The commandlines broke while pasting. You want --disable-features.

Thanks for your help.

Just tested.  "Both the IncompatibleApplicationsWarning and ThirdPartyModulesBlocking features are disabled."

Same error I'm afraid.

Tagging in @pmonette.

#51. Hmm. Let's see what's going on.

matthew@wolfie.ovh, does download work fine in edge or firefox for you?

Yes, works fine in Edge, I haven't tested in Firefox.

(Bounce up since it's a blocker.)

After I did the trick with the command line, downloads started working. 

They also keep working when I restarted Chrome using normal shortcut, so I can't really say if something else magically fixed the issue today or launching once with this command line switch did it.

Also, when I went to chrome://conflicts page after starting Chrome from this command line, I could only see loading message (and Chrome crashed when I tried to refresh it).

Could everyone having the issue post the following information so I can diagnose further?

Post the value of the variations in chrome://version (that means including all the numbers)

Go to chrome://conflicts (if you can reach it...) and search for a blocked DLL (Blocked under the Conflicts Status column)
Paste the whole line for that DLL. Try to find another DLL with the same "Code Id" value on the page. Paste that whole line too.

Example:
---------
Variations	c134752e-efd95b9c
2c707b42-ca7d8d80
411b6d4e-3f4a17df
fe69e053-f23d1dea
9d7f502c-46eeaf2f
d01ab0d3-9c26e87f
3e006338-f23d1dea
1a0d11d4-f23d1dea
16e0dd70-3f4a17df
66df3e9d-112b0163
b7e2524c-3f4a17df
3cd9377c-aed099c4
da89714-4ad60575
64da5c1e-f23d1dea
8982496f-f23d1dea
b1681d28-1410f10
61832c80-f23d1dea
cc20827f-1a7b506b
9041608a-f23d1dea
5852bcb0-f23d1dea
241fff6c-f6d61482
6025934e-3f4a17df
c27fec31-c982d8da
7c1bc906-86bf56d9
47e5d3db-3d47f4f4
125b7f68-65bced95
d442dfb7-41afa35c
9ca1387e-3f4a17df
41e765a5-3f4a17df
1149accc-65bced95
6557d030-6557d030
ab3d6cfd-3f4a17df
34d450b1-e9aea2ba
f75ce29e-f23d1dea
a582a1b8-ad75ce17
495970ba-3d53b7fd
3042ad4b-864de28a
ebbb4e0a-ca7d8d80
e56c5101-ad2fa222
267255c3-f4950e99
e463c247-c40fe774
44827ee5-43146c13
345b5b61-3f4a17df
edbcf7c5-30e2427e
5485fc4d-3d47f4f4
de47491b-33c3eba5
9773d3bd-ca7d8d80
93731dca-e89d496c
41f007f9-f23d1dea
9b4c4257-592e7888
43f62d3b-f23d1dea
9890128a-f23d1dea
c992f345-4ad60575
165e16d1-3f4a17df
9e5c75f1-e406a769
350fabdd-34b13816
6fa07eb4-b398aa14
f2fd8aaf-b13ae1c7
f79cb77b-3f4a17df
2ca9c26b-3f4a17df
7a5ba892-3f4a17df
d1cd70a5-f6fbb08e
4ea303a6-dce567e9
6e6e0c7e-f23d1dea
95876445-ca7d8d80
d92562a9-65bced95
7aa46da5-c946b150
74c3667-c40fe774
dc5b1f29-dc5b1f29
2c1d398c-f23d1dea
de52c077-65bced95
cc54eb06-f23d1dea
cac0a91c-77662737
58a025e3-36e97b2c
ad6d27cc-7075cd8
df072bba-44dc0b8
f242806f-5810b593
f3ea30a0-ad39de72
23496387-4ea78229
5a42b5d9-3f4a17df
344833e9-1525b35b
3f273a97-e3ad1896
4bc337ce-4077d4f3
caaf551e-3f4a17df
9a2f4e5b-3fe9c4dc
494d8760-52325d43
3ac60855-3ec2a267
f296190c-75cb33fc
4442aae2-a90023b1
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-e1cc0f14
e2b18481-9d9eea77
e7e71889-e1cc0f14
f9e5da91-f23d1dea
6e3b857e-719f2123
6a51bb09-ca7d8d80
308674c4-ca7d8d80
e4eef83b-1410f10
94e68624-3f4a17df
cc73f8a1-a3a14831
b4e8892d-3f4a17df
10a311eb-cf4f6ead
8834fcca-f23d1dea
3f33c9bd-8b2dbab6

In chrome://conflicts:
Blocked:
Version Checking and File Installation Libraries	Microsoft Windows	10.0.16299.15	4B7E1299a000	%systemroot%\system32\ version.dll	Blocked, Not loaded, In blacklist cache, Allowed - Microsoft module
NVIDIA Shell Extensions	NVIDIA Corporation	8.17.13.7563	580AFEB798000	%systemroot%\system32\ nv3dappshext.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA Display Shell Extension	NVIDIA Corporation	375.63	580AFE9113000	%systemroot%\system32\ nvshext.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
Dropbox Shell Extension	Dropbox, Inc	1.0.0.1	5B72C0D95b000	c:\program files (x86)\dropbox\client\ dropboxext64.22.0.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
7-Zip Shell Extension		18.05	5AE7054017000	%programfiles%\7-zip\ 7-zip.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA User Experience Driver Component	NVIDIA Corporation	8.17.13.7563	580AF56B515000	%programfiles%\nvidia corporation\display\ nvui.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted

Same Code Id as one of the blocked:
Version Checking and File Installation Libraries		10.0.16299.15	4B7E1299a000	%localappdata%\google\chrome sxs\application\ version.dll	Bypassed blocking, In blacklist cache, Disallowed - Implicitly blacklisted

---------------------
Thanks!

pmonette@, just curious, what is the reason version.dll is blacklisted while it is a Microsoft module?

c134752e-efd95b9c
2c707b42-1d74b6d3
411b6d4e-3f4a17df
fe69e053-83ce3e87
9d7f502c-46eeaf2f
d01ab0d3-9a4f4cc6
3e006338-f23d1dea
1a0d11d4-f23d1dea
e202a358-3f4a17df
16e0dd70-3f4a17df
66df3e9d-112b0163
b7e2524c-300e5653
a6674cf-6a677ba7
3cd9377c-ca7d8d80
da89714-4ad60575
64da5c1e-ca7d8d80
8982496f-58d0624c
b1681d28-1410f10
61832c80-3f4a17df
cc20827f-ca7d8d80
9041608a-3f4a17df
5852bcb0-f23d1dea
ca05d627-3f4a17df
c27fec31-c982d8da
7c1bc906-86bf56d9
47e5d3db-3d47f4f4
125b7f68-26e7b859
d442dfb7-eeca42f7
9ca1387e-3f4a17df
41e765a5-f23d1dea
1149accc-f23d1dea
6557d030-f23d1dea
ab3d6cfd-f23d1dea
4dc30737-b8a5ea08
34d450b1-661b46ec
f75ce29e-f23d1dea
a582a1b8-ad75ce17
495970ba-ca7d8d80
3042ad4b-ca54bb47
ebbb4e0a-ca7d8d80
e56c5101-ad2fa222
e463c247-6ab49ebf
44827ee5-f23d1dea
88a387d2-f0d95b7c
edbcf7c5-d7251499
5485fc4d-3d47f4f4
de47491b-33c3eba5
9773d3bd-ca7d8d80
93731dca-b4cbfb4e
41f007f9-f23d1dea
9b4c4257-592e7888
43f62d3b-f23d1dea
c992f345-4ad60575
9e5c75f1-f86a0782
6fa07eb4-ca7d8d80
f2fd8aaf-ca7d8d80
7a5ba892-3f4a17df
d1cd70a5-bed6d81c
4ea303a6-992bcdaa
6e6e0c7e-ca7d8d80
95876445-ca7d8d80
d92562a9-4d2fac87
7aa46da5-c946b150
74c3667-6ab49ebf
dc5b1f29-f23d1dea
2c1d398c-3f4a17df
cc54eb06-3f4a17df
cac0a91c-77662737
58a025e3-36e97b2c
ad6d27cc-1627c3cf
df072bba-ca7d8d80
ff29b1bd-f21dcc16
f3ea30a0-ad39de72
23496387-232b3cab
5a42b5d9-3f4a17df
344833e9-473e8c2e
3f273a97-e3ad1896
4bc337ce-4077d4f3
caaf551e-3f4a17df
9a2f4e5b-ca7d8d80
494d8760-52325d43
3ac60855-486e2a9c
f296190c-e00d173c
4442aae2-4ad60575
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-d7f6b13c
e2b18481-7158671e
e7e71889-e1cc0f14
f9e5da91-508355f5
6e3b857e-1410f10
6a51bb09-ca7d8d80
308674c4-70c7414a
e4eef83b-1410f10
94e68624-3f4a17df
cc73f8a1-a3a14831
b4e8892d-3f4a17df
10a311eb-cf4f6ead
8834fcca-cf4f6ead
3f33c9bd-8b2dbab6

Icaros Property Handler		3.0.9.302	5B12872Dba000	c:\program files (x86)\k-lite codec pack\icaros\64-bit\ icarospropertyhandler.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
Icaros Thumbnail Provider		3.0.9.302	5B12872E5c000	c:\program files (x86)\k-lite codec pack\icaros\64-bit\ icarosthumbnailprovider.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
Sophos download scanning component	Sophos Limited	10.8.1	5A9D604229000	c:\program files (x86)\sophos\sophos anti-virus\ sophosofficeavx64.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
Sophos Home Shell Extension	Sophos Limited	2.2.68	5B28BCC564000	c:\program files (x86)\sophos\sophos home\ sophoshomeshellextx64.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
Windows Shell Overlay Icon Handler		1,0,0,46	595FB1AE2f000	c:\program files (x86)\stack\shellext\ ocoverlays_x64.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
7-Zip Shell Extension		18.05	5AE7054017000	%programfiles%\7-zip\ 7-zip.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA User Experience Driver Component	NVIDIA Corporation	8.17.13.9135	5AB5822261f000	%programfiles%\nvidia corporation\display\ nvui.dll ( Shell extension )	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA Shell Extensions	NVIDIA Corporation	6.14.13.9135	5AB585DDad000	%systemroot%\system32\ nv3dappshext.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA Display Shell Extension	NVIDIA Corporation	391.35	5AB585AB20000	%systemroot%\system32\ nvshext.dll	Blocked, Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted

Same Code ID:
NVIDIA Shell Extensions	NVIDIA Corporation	6.14.13.9135	5AB585DDad000	%systemroot%\system32\ nv3dappshext.dll ( Shell extension )	Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted
NVIDIA Display Shell Extension	NVIDIA Corporation	391.35	5AB585AB20000	%systemroot%\system32\ nvshext.dll ( Shell extension )	Not loaded, In blacklist cache, Disallowed - Implicitly blacklisted

I think that's what you wanted?

My case is very contrived. I copied version.dll from system32 to the directory of chrome.exe and truncated the file to remove the signature (so it is no longer a valid microsoft dll). This doesn't change the SizeOfImage and TimeDateStamp value in the DLL, and these are the values used in the local blacklist to uniquely identify a dll.

So the truncated dll is added to the blacklist but it matches the real one so both are actually blacklisted.

Removing release-stable because the feature is behind a experiment that is not enabled on stable.

#59, looks like Sophos is blocked, that's why download is failing

I am using Chrome Version 69.0.3497.42 (Official Build) beta (64-bit).

I don't have a "Chrome Beta" directory despite this... 

I ran:
"%ProgramFiles(x86)%\Google\Chrome\Application\chrome.exe" --disable-features=ThirdPartyModulesBlocking,IncompatibleApplicationsWarning

I confirmed that ThirdPartyModulesBlocking is disabled.

I downloaded something and it failed as before i.e. "Virus Scan failed".

I'll now move on the next steps requested.

Google Chrome	69.0.3497.42 (Official Build) beta (64-bit) (cohort: Beta)
Revision	9c4613c66dfeb2b76ef6dd4b15884c15db3b4969-refs/branch-heads/3497@{#655}
OS	Windows
JavaScript	V8 6.9.427.14
Flash	30.0.0.154 C:\Users\Mark\AppData\Local\Google\Chrome\User Data\PepperFlash\30.0.0.154\pepflashplayer.dll
User Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.42 Safari/537.36
Command Line	"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
Executable Path	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Profile Path	C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
Variations	c134752e-efd95b9c
d01ab0d3-ca7d8d80
3e006338-3f4a17df
b7e2524c-300e5653
a6674cf-700e1052
b1681d28-803f8fc4
cc20827f-ca7d8d80
8502ae4f-6b5e5ddf
38eb801c-3f4a17df
c27fec31-2d5b6ed9
7c1bc906-8122a015
47e5d3db-3d47f4f4
125b7f68-25d35d0e
d442dfb7-eeca42f7
9ca1387e-3f4a17df
41e765a5-f23d1dea
1149accc-3f4a17df
4dc30737-b8a5ea08
ba18e3fd-3f4a17df
a582a1b8-ad75ce17
8ee5ed19-ca7d8d80
74658432-ca7d8d80
3042ad4b-f23d1dea
e56c5101-ad2fa222
44827ee5-3f4a17df
88a387d2-feba5af7
edbcf7c5-b10afc34
5485fc4d-3f4a17df
de47491b-33c3eba5
9773d3bd-f23d1dea
93731dca-b4cbfb4e
9b4c4257-592e7888
9e5c75f1-e10fa620
45df16ca-3f4a17df
f79cb77b-3f4a17df
4ea303a6-87f08c4f
6e6e0c7e-ca7d8d80
95876445-400575af
d92562a9-4d2fac87
7aa46da5-c946b150
4da5ae82-f23d1dea
2c1d398c-f23d1dea
6973a1cf-3f4a17df
cc54eb06-f23d1dea
cac0a91c-77662737
58a025e3-36e97b2c
ad6d27cc-1627c3cf
df072bba-9a6c5085
ff29b1bd-54dd8886
f3ea30a0-f23d1dea
4bc337ce-69465896
caaf551e-3f4a17df
9a2f4e5b-ca7d8d80
17507c76-3d47f4f4
494d8760-52325d43
3ac60855-486e2a9c
f296190c-38939ee9
4442aae2-6e597ede
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-a5822863
e2b18481-92bb99a9
e7e71889-e1cc0f14
3a4029d-ca7d8d80
94e68624-1410f10
cc73f8a1-a3a14831
10a311eb-f23d1dea
8834fcca-cf4f6ead
81c6897f-3f4a17df
ea0f933d-f23d1dea
Linker	lld-link

chrome://conflicts
no "Blocked" elements

values seen under Conflicts Status:
Not loaded
Allowed - Matching certificate
Disallowed - Added to the blacklist
Allowed - Microsoft module

All lines with the value "Disallowed - Added to the blacklist" 
Kaspersky Inproc Agent
================
Kaspersky Inproc Agent	Kaspersky Lab	20.0.543.13	5A94114C21b000	c:\program files (x86)\kaspersky lab\kaspersky total security 19.0.0\x64\ inproc_agent.dll	Disallowed - Added to the blacklist

Kaspersky Injected Plugin
==================
Kaspersky Injected Plugin	Kaspersky Lab	6.0.679.0	5B761A1951000	%programdata%\kaspersky lab\avp19.0.0\bases\cache\klip\ klip_031480b80ccf9d406c93b4b75a45fafe.dll	Disallowed - Added to the blacklist
	Kaspersky Lab	16.0.11.0	5AB4E15448000	%programdata%\kaspersky lab\avp19.0.0\bases\ klsihk64.dll	Disallowed - Added to the blacklist

Code IDs in each of the three "disallowed" lines only appear once in Chrome://conflicts

---
postscript - on the other desktop I have (where I don't have the problem) I'm running a different anti-virus program (McAfee)... do you want me to get the same data for that desktop? and post here for comparison?

[are we getting closer?]

:-)

here's the situation on my other desktop running McAfee AV:

Version 68.0.3440.106 (Official Build) (64-bit)

Running McAfee AV

No conflicts reported by Chrome://conflicts 


Google Chrome	68.0.3440.106 (Official Build) (64-bit) (cohort: Stable)
Revision	1c32c539ce0065a41cb79da7bfcd2c71af1afe62-refs/branch-heads/3440@{#794}
OS	Windows
JavaScript	V8 6.8.275.26
Flash	30.0.0.154 C:\Users\Susan\AppData\Local\Google\Chrome\User Data\PepperFlash\30.0.0.154\pepflashplayer.dll
User Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Command Line	"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
Executable Path	C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Profile Path	C:\Users\Susan\AppData\Local\Google\Chrome\User Data\Default
Variations	c134752e-1ece3553
34a6bf44-ca7d8d80
bacf97b2-ca7d8d80
241fff6c-1623a499
8502ae4f-ca7d8d80
3095aa95-3f4a17df
c27fec31-c982d8da
7c1bc906-f55a7974
47e5d3db-3d47f4f4
125b7f68-a3dbe669
1149accc-f23d1dea
4dc30737-b8a5ea08
a582a1b8-ad75ce17
3042ad4b-ca7d8d80
ebbb4e0a-ca7d8d80
e56c5101-ad2fa222
44827ee5-3f4a17df
8f1e27f-ca7d8d80
de47491b-33c3eba5
9773d3bd-f23d1dea
43f62d3b-28165b59
9e5c75f1-1516d05
4ea303a6-e3753463
bcc34a89-3f4a17df
7aa46da5-c946b150
4da5ae82-ca7d8d80
2c1d398c-ca7d8d80
6973a1cf-3f4a17df
cac0a91c-77662737
58a025e3-36e97b2c
2a32876a-ca7d8d80
ff29b1bd-37ef7e17
da460ac8-3f4a17df
4bc337ce-69465896
9a2f4e5b-7b04217c
1354da85-f1a864dc
17507c76-ca7d8d80
494d8760-52325d43
f47ae82a-746c2ad4
3ac60855-486e2a9c
f296190c-f433a0a7
4442aae2-4ad60575
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-a5822863
e2b18481-e1cc0f14
e7e71889-e1cc0f14
3a8271ac-12c226
b1ceb06f-d1372334
3a4029d-ca7d8d80
94e68624-803f8fc4
8834fcca-ca7d8d80
Linker	lld-link

#66 just to add Chrome is working ok on this other desktop (the one running McAfee)

After system reboot download stopped working again, here are conflicts and ids:

c134752e-95b424ac
d01ab0d3-a1f91ada
3e006338-f23d1dea
1a0d11d4-f23d1dea
b7e2524c-f23d1dea
b1681d28-1410f10
cc20827f-ca7d8d80
38eb801c-3f4a17df
c27fec31-c982d8da
7c1bc906-f55a7974
47e5d3db-3d47f4f4
125b7f68-26e7b859
d442dfb7-41afa35c
9ca1387e-f23d1dea
41e765a5-3f4a17df
1149accc-3f4a17df
4dc30737-b8a5ea08
a582a1b8-ad75ce17
8ee5ed19-5ebab721
74658432-afba7fac
3042ad4b-f23d1dea
ebbb4e0a-ca7d8d80
e56c5101-ad2fa222
e463c247-c40fe774
44827ee5-3f4a17df
345b5b61-3f4a17df
edbcf7c5-7dcbaf16
5485fc4d-ca7d8d80
9773d3bd-f23d1dea
93731dca-3d47f4f4
9b4c4257-6ad6e56e
9e5c75f1-e10fa620
45df16ca-3f4a17df
f79cb77b-3f4a17df
2ca9c26b-3d47f4f4
4ea303a6-87f08c4f
6e6e0c7e-3f17a7d8
95876445-ca7d8d80
7aa46da5-c946b150
4da5ae82-3f4a17df
2c1d398c-9597b6c7
6973a1cf-3f4a17df
cc54eb06-f23d1dea
cac0a91c-77662737
58a025e3-36e97b2c
ad6d27cc-1627c3cf
df072bba-9a6c5085
f3ea30a0-ca7d8d80
4bc337ce-69465896
caaf551e-3f4a17df
9a2f4e5b-3fe32955
17507c76-3d47f4f4
494d8760-52325d43
3ac60855-486e2a9c
f296190c-38939ee9
4442aae2-e1cc0f14
ed1d377-e1cc0f14
12e17bc5-e1cc0f14
75f0f0a0-d7f6b13c
e2b18481-a5822863
e7e71889-e1cc0f14
618c533-70ea8f25
3a4029d-ca7d8d80
94e68624-803f8fc4
cc73f8a1-a2d707c6
10a311eb-f23d1dea
8834fcca-cf4f6ead
81c6897f-3f4a17df
ea0f933d-f23d1dea


ESET Document Scanner DLL	ESET, spol. s r.o.	11.2.49.0	5B47487F40000	%programfiles%\eset\eset smart security\ dmon.dll ( blocked )	Disallowed - Blocked
ESET OPP Monitor	ESET, spol. s r.o.	N/A	5B509DD94c000	%programfiles%\eset\eset smart security\ eoppmonitor.dll	Disallowed - Added to the blacklist
ESET Plugin for Google Chrome	ESET, spol. s r.o.	N/A	5B559EAF35000	%programfiles%\eset\eset smart security\ eplgchrome.dll ( blocked )	Disallowed - Blocked
ESET Shell Extension	ESET, spol. s r.o.	11.2.49.0	5B47495F48000	%programfiles%\eset\eset smart security\ shellext.dll ( Shell extension )	Not loaded

Thanks for the details everyone.

Right now, we're pretty sure we have identified the issue. Too bad we didn't caught that sooner but blocking DLLs used to scan downloaded files makes those scans fail.

@mkii.px: The blocking is not enabled on version 68.*, this is why it's not happening on your desktop running McAfee.
You also mention turning off the third-party dll feature via the command-line and still seeing the problem, but that is expected. Chrome requires 2 restart to disable this specific feature. Try launching chrome twice in a row (waiting until it loads up completely before restarting) with this command-line and the issue should disappear:
chrome --disable-features=ThirdPartyModulesBlocking

Note that we'll turn off the experiment on the beta channel until the issue is resolved.

@pmonette How long will it take for the experiment to disable?  Will it require a version release?

It won't require a version release. It's a server-change that Chrome can pick up at runtime, that will then require a restart to take effect.

I just made the change and you should expect to get it in the next few hours. Try restarting the browser every once in a while and check the chrome://version page for your variations.

In the list you should expect to see this if the experiment is still enabled:
caaf551e-3f4a17df

While you should see this string in the list when the experiment is disabled:
caaf551e-3fc362e4

Once disabled, a final restart after letting Chrome runs for at least 5 minutes should do the trick.

 Issue 876960  has been merged into this issue.

 Issue 876074  has been merged into this issue.

 Issue 868727  has been merged into this issue.

#71 hurrah!  it worked!  

Also can confirm that now downloading works fine on 69 beta.

this worked for me but definitely not comfortable keeping setting to '1'. Every other browser downloads fine - specifically Firefox.

Here are my Specs:
- Win10 Pro - ver 1803 (OS Build 17134.165)
- Chrome Browser - Version 68.0.3440.106 (Official Build) (64-bit)
- Anti-virus program - Bitdefender Antivirus Plus 2018

Thank you

Alp

@ alphorizons

We have disabled the experiment that was causing downloads to fail. You should be able to set back your setting to its default value "3" without issues.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ed0a1be1c911211dd774d4b9be480a94fd9eccb4

commit ed0a1be1c911211dd774d4b9be480a94fd9eccb4
Author: Patrick Monette <pmonette@chromium.org>
Date: Tue Aug 28 23:52:22 2018

Fix the issue with 3rd-party DLL blocking and IAttachmentExecute

Because the IAttachmentExecute interface will invoke registered
third-party IOfficeAntiVirus provider, it's possible to put Chrome
in a state where all downloads fail if a DLL needed by one of the
provider is blocked.

This CL introduces 2 temporary solutions that aims to separately
address the issue for enterprise and regular users. The long-term
solution is to move the call to the attachment services to a
utility process where third-party DLL injection is explicitly
allowed.

For enterprise users, simply never enable the blocking feature on
domain-joined machines.

For regular users, add a feature (InvokeAttachmentServices) that
allows us to no longer invoke the IAttachmentExecute interface and
instead use the fallback code path that manually sets the Zone
Identifier (Mark of the Web).

The fallback code was a bit outdated because Windows 10 now adds the
HostUrl and ReferrerUrl data into the Zone Identifier. This CL adds
a new feature that writes this data similarly to how the
IAttachmentExecute interface does. This change is also behind a new
feature (AugmentedZoneIdentifier).

Finally, the chrome.mediaGalleries API
(https://developer.chrome.com/apps/mediaGalleries) was also using
the IAttachmentExecute API. A third feature now controls whether
the mediaGalleries component uses the same function as the download
manager, in order to benefits from the changes described above.

Bug: 870998
Change-Id: I50c5d804c469b2499f1e6ec6998e146baaaace7a
Reviewed-on: https://chromium-review.googlesource.com/1188864
Reviewed-by: Asanka Herath <asanka@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Chris Hamilton <chrisha@chromium.org>
Reviewed-by: Min Qin <qinmin@chromium.org>
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Cr-Commit-Position: refs/heads/master@{#586940}
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/BUILD.gn
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/chrome_browser_main_win.cc
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/conflicts/module_database_win.cc
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/media_galleries/fileapi/av_scanning_file_validator.cc
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/ui/webui/conflicts/conflicts_handler.cc
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/chrome/browser/ui/webui/conflicts/conflicts_handler.h
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/components/download/quarantine/BUILD.gn
[add] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/components/download/quarantine/quarantine_features_win.cc
[add] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/components/download/quarantine/quarantine_features_win.h
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/components/download/quarantine/quarantine_win.cc
[modify] https://crrev.com/ed0a1be1c911211dd774d4b9be480a94fd9eccb4/components/download/quarantine/quarantine_win_unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6ab174bd663c2e6ef4e620eee1af40c6adcfa399

commit 6ab174bd663c2e6ef4e620eee1af40c6adcfa399
Author: Reid Kleckner <rnk@chromium.org>
Date: Wed Aug 29 15:07:32 2018

Revert "Fix the issue with 3rd-party DLL blocking and IAttachmentExecute"

This reverts commit ed0a1be1c911211dd774d4b9be480a94fd9eccb4.

Reason for revert: Causes a test failure in official builds:
https://uberchromegw.corp.google.com/i/official.desktop.continuous/builders/win%20trunk/builds/91463

Original change's description:
> Fix the issue with 3rd-party DLL blocking and IAttachmentExecute
> 
> Because the IAttachmentExecute interface will invoke registered
> third-party IOfficeAntiVirus provider, it's possible to put Chrome
> in a state where all downloads fail if a DLL needed by one of the
> provider is blocked.
> 
> This CL introduces 2 temporary solutions that aims to separately
> address the issue for enterprise and regular users. The long-term
> solution is to move the call to the attachment services to a
> utility process where third-party DLL injection is explicitly
> allowed.
> 
> For enterprise users, simply never enable the blocking feature on
> domain-joined machines.
> 
> For regular users, add a feature (InvokeAttachmentServices) that
> allows us to no longer invoke the IAttachmentExecute interface and
> instead use the fallback code path that manually sets the Zone
> Identifier (Mark of the Web).
> 
> The fallback code was a bit outdated because Windows 10 now adds the
> HostUrl and ReferrerUrl data into the Zone Identifier. This CL adds
> a new feature that writes this data similarly to how the
> IAttachmentExecute interface does. This change is also behind a new
> feature (AugmentedZoneIdentifier).
> 
> Finally, the chrome.mediaGalleries API
> (https://developer.chrome.com/apps/mediaGalleries) was also using
> the IAttachmentExecute API. A third feature now controls whether
> the mediaGalleries component uses the same function as the download
> manager, in order to benefits from the changes described above.
> 
> Bug: 870998
> Change-Id: I50c5d804c469b2499f1e6ec6998e146baaaace7a
> Reviewed-on: https://chromium-review.googlesource.com/1188864
> Reviewed-by: Asanka Herath <asanka@chromium.org>
> Reviewed-by: Lei Zhang <thestig@chromium.org>
> Reviewed-by: Chris Hamilton <chrisha@chromium.org>
> Reviewed-by: Min Qin <qinmin@chromium.org>
> Commit-Queue: Patrick Monette <pmonette@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#586940}

TBR=chrisha@chromium.org,thestig@chromium.org,qinmin@chromium.org,pmonette@chromium.org,asanka@chromium.org

Change-Id: I9dd91dd84df4d7a7eddc8f2f6e264720e26b1e3b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 870998
Reviewed-on: https://chromium-review.googlesource.com/1195436
Reviewed-by: Reid Kleckner <rnk@chromium.org>
Commit-Queue: Reid Kleckner <rnk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#587119}
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/BUILD.gn
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/chrome_browser_main_win.cc
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/conflicts/module_database_win.cc
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/media_galleries/fileapi/av_scanning_file_validator.cc
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/ui/webui/conflicts/conflicts_handler.cc
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/chrome/browser/ui/webui/conflicts/conflicts_handler.h
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/components/download/quarantine/BUILD.gn
[delete] https://crrev.com/018c0dd8eaeda83f721b65779ef035291ad9484e/components/download/quarantine/quarantine_features_win.cc
[delete] https://crrev.com/018c0dd8eaeda83f721b65779ef035291ad9484e/components/download/quarantine/quarantine_features_win.h
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/components/download/quarantine/quarantine_win.cc
[modify] https://crrev.com/6ab174bd663c2e6ef4e620eee1af40c6adcfa399/components/download/quarantine/quarantine_win_unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8

commit 8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8
Author: Patrick Monette <pmonette@chromium.org>
Date: Wed Aug 29 18:40:43 2018

Reland "Fix the issue with 3rd-party DLL blocking and IAttachmentExecute"

This is a reland of ed0a1be1c911211dd774d4b9be480a94fd9eccb4 after fixing
a broken test.

Original change's description:
> Fix the issue with 3rd-party DLL blocking and IAttachmentExecute
>
> Because the IAttachmentExecute interface will invoke registered
> third-party IOfficeAntiVirus provider, it's possible to put Chrome
> in a state where all downloads fail if a DLL needed by one of the
> provider is blocked.
>
> This CL introduces 2 temporary solutions that aims to separately
> address the issue for enterprise and regular users. The long-term
> solution is to move the call to the attachment services to a
> utility process where third-party DLL injection is explicitly
> allowed.
>
> For enterprise users, simply never enable the blocking feature on
> domain-joined machines.
>
> For regular users, add a feature (InvokeAttachmentServices) that
> allows us to no longer invoke the IAttachmentExecute interface and
> instead use the fallback code path that manually sets the Zone
> Identifier (Mark of the Web).
>
> The fallback code was a bit outdated because Windows 10 now adds the
> HostUrl and ReferrerUrl data into the Zone Identifier. This CL adds
> a new feature that writes this data similarly to how the
> IAttachmentExecute interface does. This change is also behind a new
> feature (AugmentedZoneIdentifier).
>
> Finally, the chrome.mediaGalleries API
> (https://developer.chrome.com/apps/mediaGalleries) was also using
> the IAttachmentExecute API. A third feature now controls whether
> the mediaGalleries component uses the same function as the download
> manager, in order to benefits from the changes described above.
>
> Bug: 870998
> Change-Id: I50c5d804c469b2499f1e6ec6998e146baaaace7a
> Reviewed-on: https://chromium-review.googlesource.com/1188864
> Reviewed-by: Asanka Herath <asanka@chromium.org>
> Reviewed-by: Lei Zhang <thestig@chromium.org>
> Reviewed-by: Chris Hamilton <chrisha@chromium.org>
> Reviewed-by: Min Qin <qinmin@chromium.org>
> Commit-Queue: Patrick Monette <pmonette@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#586940}

Bug: 870998, 852295
Tbr: chrisha@chromium.org
Tbr: thestig@chromium.org,
Tbr: qinmin@chromium.org
Tbr: asanka@chromium.org
Change-Id: I7d3e52e16f69ce746ebd682bdf1d69d78441f488
Reviewed-on: https://chromium-review.googlesource.com/1195682
Reviewed-by: Patrick Monette <pmonette@chromium.org>
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Cr-Commit-Position: refs/heads/master@{#587215}
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/BUILD.gn
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/chrome_browser_main_win.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/conflicts/module_database_win.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/conflicts/third_party_blocking_browsertest.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/media_galleries/fileapi/av_scanning_file_validator.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/ui/webui/conflicts/conflicts_handler.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/chrome/browser/ui/webui/conflicts/conflicts_handler.h
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/components/download/quarantine/BUILD.gn
[add] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/components/download/quarantine/quarantine_features_win.cc
[add] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/components/download/quarantine/quarantine_features_win.h
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/components/download/quarantine/quarantine_win.cc
[modify] https://crrev.com/8d504abce6c95d79fbb0ffc17a73fc6a07ac29c8/components/download/quarantine/quarantine_win_unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ad471a3245f57ea59728ca18aa97a003fdbd38e7

commit ad471a3245f57ea59728ca18aa97a003fdbd38e7
Author: Patrick Monette <pmonette@chromium.org>
Date: Thu Sep 20 21:55:59 2018

Move IsFileQuarantined() to a test-only build target

This will simplify future refactoring where QuarantineFile() is moved to
an OOP service but not IsFileQuarantined().

This CL includes no functional change.

Bug: 870998
Change-Id: Ic30bf70b119e37de88baa374a4791678df80d393
Reviewed-on: https://chromium-review.googlesource.com/1228782
Reviewed-by: Asanka Herath <asanka@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Min Qin <qinmin@chromium.org>
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Cr-Commit-Position: refs/heads/master@{#592963}
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/chrome/browser/download/download_browsertest.cc
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/chrome/test/BUILD.gn
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/chrome/test/ppapi/ppapi_filechooser_browsertest.cc
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/BUILD.gn
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/DEPS
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_linux.cc
[rename] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_linux.h
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_mac.h
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_mac.mm
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_win.cc
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/common_win.h
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine.cc
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine.h
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine_linux.cc
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine_linux_unittest.cc
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine_mac.mm
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine_mac_unittest.mm
[modify] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/quarantine_win.cc
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/test_support.cc
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/test_support.h
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/test_support_linux.cc
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/test_support_mac.mm
[add] https://crrev.com/ad471a3245f57ea59728ca18aa97a003fdbd38e7/components/download/quarantine/test_support_win.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9fcffa24d24dcdc4ebf7cbb286891975a900d840

commit 9fcffa24d24dcdc4ebf7cbb286891975a900d840
Author: Patrick Monette <pmonette@chromium.org>
Date: Wed Oct 03 22:57:11 2018

Allow to override third-party features on domain-joined machines

Bug: 870998
Change-Id: Ia945042619841fb197f374ca1b2a188916e9764c
Reviewed-on: https://chromium-review.googlesource.com/c/1259826
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Reviewed-by: Chris Hamilton <chrisha@chromium.org>
Cr-Commit-Position: refs/heads/master@{#596411}
[modify] https://crrev.com/9fcffa24d24dcdc4ebf7cbb286891975a900d840/chrome/browser/conflicts/module_database_win.cc