Detplock mallware, while visiting DSM6.0 Web-GUI

Sit back and relax! Talk about anything here!
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:

https://account.synology.com/support/support_form.php?lang=enu



2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
User avatar
McBrown
Trainee
Trainee
Posts: 13
Joined: Wed Sep 16, 2015 12:23 am

Detplock mallware, while visiting DSM6.0 Web-GUI

Postby McBrown » Mon Apr 04, 2016 6:18 pm

For some reason I keep getting a warning from Windows Defender that I have the "Trojan:Win32/Detplock" in my Chrome Cache folder, every time I visit the web-gui.

It's marked as a serious threat, so what's going on? Currently I have all 3rd-party packages uninstalled (bec. it kept bugging with the 5.3->6.0 upgrade) so I know it can't be any 3rd-party package.

Image

Any one else's NAS biting it's owner?

And how do I fix this?
DS415play - 32TB (4 × Seagate Archive 8TB), RAID-5
gator
Student
Student
Posts: 76
Joined: Sun Oct 27, 2013 3:06 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby gator » Mon Apr 04, 2016 6:48 pm

I started getting it yesterday. It comes up whenever I log into the NAS and the Widget is open.

It is a script from Synology that begins with:

Code: Select all

/* Copyright (c) 2016 Synology Inc. All rights reserved. */

Ext.ns("SYNO.SDS.SystemInfoApp");Ext.define("SYNO.SDS.SystemInfoApp.Mini.SystemHealthWidget",{extend:"SYNO.SDS._SystemTray.Component",constructor:function(a){var b=this;a=Ext.apply(a,{cls:"syno-sysinfo-system-health-mini",width:24,height:24});b.callParent(arguments)},afterRender:function(){var a=this;a.callParent(arguments);a.setDefaultStatus()},getIcon:function(b,c){var a="syno-sysinfo-system-health-west-normal";c=c||"";if(b==="initial"){a="syno-sysinfo-system-health-west-initial"}else{if(b==="emergency"){a="syno-sysinfo-system-health-west-emergency"}else{if(b!=="normal"){a="syno-sysinfo-system-health-west-warning"}}}return String.format('<div class = "{0}" ext:qtip="{1}"></div>',a,Ext.util.Format.htmlEncode(Ext.util.Format.htmlEncode(c)))},setDefaultStatus:function(){this.setStatus("normal")},setStatus:function(a,b){this.update(this.getIcon(a,b))}});SYNO.SDS.SystemInfoApp.SystemHealthWidget=Ext.extend(Ext.Panel,{minimizable:true,toggleButtonCls:SYNO.SDS.SystemInfoApp.Mini.SystemHealthWidget,taskButton:undefined,constructor:function(a){this.initializeSouthTable();this.cgiHandler=this.jsConfig.jsBaseURL+"/SystemInfo.cgi";var
Last edited by gator on Mon Apr 04, 2016 7:03 pm, edited 1 time in total.
User avatar
McBrown
Trainee
Trainee
Posts: 13
Joined: Wed Sep 16, 2015 12:23 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby McBrown » Mon Apr 04, 2016 7:00 pm

Some 3rd party boilerplate that the GUI uses perhaps?
DS415play - 32TB (4 × Seagate Archive 8TB), RAID-5
paia
I'm New!
I'm New!
Posts: 3
Joined: Fri Sep 18, 2015 11:38 pm

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby paia » Mon Apr 04, 2016 10:20 pm

I have this false positive too, can somebody from Synology do a scan of DSM 6.0 GUI a find a reason, why MS Security Essentials is detecting this as trojan?

Code: Select all

/* Copyright (c) 2016 Synology Inc. All rights reserved. */

Ext.ns("SYNO.SDS.SystemInfoApp");Ext.define("SYNO.SDS.SystemInfoApp.Mini.SystemHealthWidget",{extend:"SYNO.SDS._SystemTray.Component",constructor:function(a){var b=this;a=Ext.apply(a,{cls:"syno-sysinfo-system-health-mini",width:24,height:24});b.callParent(arguments)},afterRender:function(){var a=this;a.callParent(arguments);a.setDefaultStatus()},getIcon:function(b,c){var a="syno-sysinfo-system-health-west-normal";c=c||"";if(b==="initial"){a="syno-sysinfo-system-health-west-initial"}else{if(b==="emergency"){a="syno-sysinfo-system-health-west-emergency"}else{if(b!=="normal"){a="syno-sysinfo-system-health-west-warning"}}}return String.format('<div class = "{0}" ext:qtip="{1}"></div>',a,Ext.util.Format.htmlEncode(Ext.util.Format.htmlEncode(c)))},setDefaultStatus:function(){this.setStatus("normal")},setStatus:function(a,b){this.update(this.getIcon(a,b))}});SYNO.SDS.SystemInfoApp.SystemHealthWidget=Ext.extend(Ext.Panel,{minimizable:true,toggleButtonCls:SYNO.SDS.SystemInfoApp.Mini.SystemHealthWidget,taskButton:undefined,constructor:function(a){this.initializeSouthTable();this.cgiHandler=this.jsConfig.jsBaseURL+"/SystemInfo.cgi";var b=Ext.apply(this.getConfig(),a);SYNO.SDS.SystemInfoApp.SystemHealthWidget.superclass.constructor.call(this,b);this.westIcon=this.getIconComponent();this.centerContent=this.getContentComponent();this.isActive=false;this.timestamp=null;this.uptime=null;this.appSetting=SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp},getConfig:function(){return{layout:"fit",border:false,defaults:{border:false},items:[this.getViewConfig()],listeners:{scope:this,render:{fn:this.loadInfo,single:true}}}},getViewConfig:function(){return{itemId:"layoutPanel",layout:"vbox",height:"100%",border:false,cls:"syno-sysinfo-system-health",defaults:{border:false},items:[{xtype:"container",itemId:"northPanel",layout:"hbox",border:false,cls:"syno-sysinfo-system-health-status",items:[{xtype:"box",itemId:"westIcon"},{xtype:"container",cls:"syno-sysinfo-system-health-content-wrap",itemId:"center",layout:"fit",defaults:{border:false},items:[{xtype:"box",itemId:"centerContent",region:"center"}]}]},{region:"south",height:84,items:this.southTable}]}},doCollapse:function(){var a=this;a.getEl().setHeight(84);a.doLayout()},doExpand:function(){var a=this;a.getEl().setHeight(172);a.doLayout()},setStatus:function(a,d,c){var b=this.getContentComponent();if(this.taskButton){this.taskButton.setStatus(a,c)}if(!this.rendered){return}this.getIconComponent().update(this.getIcon(a));b.update(this.getContent(a,d,c));this.getComponent("layoutPanel").getComponent("northPanel").doLayout()},getContent:function(b,d,c){var a="syno-sysinfo-system-health-content-header-normal";if(b==="initial"){a="syno-sysinfo-system-health-content-header-initial"}else{if(b==="emergency"){a="syno-sysinfo-system-health-content-header-emergency red-status"}else{if(b!=="normal"){a="syno-sysinfo-system-health-content-header-warning"}}}return this.formatContent(d,c,a)},getIcon:function(b){var a="syno-sysinfo-system-health-west-normal";if(b==="initial"){a="syno-sysinfo-system-health-west-initial"}else{if(b==="emergency"){a="syno-sysinfo-system-health-west-emergency"}else{if(b!=="normal"){a="syno-sysinfo-system-health-west-warning"}}}return this.formatIcon(a)},formatIcon:function(a){return String.format('<div class = "{0}"></div>',a)},formatContent:function(c,b,a){return String.format('<div class = "{4}" ext:qtip="{1}">{0}</div><div class = "syno-sysinfo-system-health-content" ext:qtip="{3}">{2}</div>',c,Ext.util.Format.htmlEncode(c),b,Ext.util.Format.htmlEncode(b),a)},getIconComponent:function(){return this.getComponent("layoutPanel").getComponent("northPanel").getComponent("westIcon")},getContentComponent:function(){return this.getComponent("layoutPanel").getComponent("northPanel").getComponent("center").getComponent("centerContent")},loadInfo:function(){this.statusParser=new SYNO.SDS.SystemInfoApp.SystemHealthStatusParser();this.task=this.task||this.addAjaxTask({id:"task_get_uptime",interval:60*1000,url:this.cgiHandler,method:"GET",success:function(b,a){this.setInfo(b,a)},params:{query:"systemHealth"},failure:function(a,b){SYNO.Debug("Ajax load failure "+a.responseText);this.unmask()},scope:this});if(this.isActive){this.mask(_T("common","loading"));this.task.start()}},onClickTitle:function(){SYNO.SDS.AppLaunch(this.appSetting.appInstance,this.appSetting.launchParam)},onActivate:function(){this.isActive=true;this.loadInfo()},onDeactivate:function(){this.isActive=false;var a=this.getUpdateUptimeTask();if(this.task){this.task.stop()}if(a){a.stop()}this.unmask()},mask:Ext.emptyFn,unmask:Ext.emptyFn,formatOptTime:function(h){var g="";var f=h.indexOf(":",0);var a=h.substring(0,f);var d=h.indexOf(":",f+1);var c=parseInt(h.substring(f+1,d),10);var e=parseInt(h.substring(d+1,h.length),10);a=parseInt(a,10);a+=(c-c%60)/60;c+=(e-e%60)/60;var b=(a-a%24)/24;a=a%24;c=c%60;e=e%60;a=String.leftPad(a,2,"0");c=String.leftPad(c,2,"0");e=String.leftPad(e,2,"0");g=b?String.format("{0} {1} ",b,_T("status","status_day")):"";g+=(a||g!=="")?String.format("{0}{1}",a,":"):"";g+=(c||g!=="")?String.format("{0}{1}",c,":"):"";g+=(e||g!=="")?String.format("{0}",e):"";return g},setInfo:function(d,c){if(this.isDestroyed){return}this.unmask();var b=Ext.decode(d.responseText);this.timestamp=new Date();this.uptime=b.optime;var a=this.statusParser.parseResp(b);this.appSetting=a.appSetting;this.setStatus(a.status,a.title,a.str);if(!this.rendered){return}this.updateInterfaces(b);this.getUpdateUptimeTask().stop();this.getUpdateUptimeTask().start()},getUpdateUptimeTask:function(){this.updateTask=this.updateTask||this.addTask({id:"task_update_uptime",interval:1*1000,run:this.updateUptime,scope:this});return this.updateTask},sortMenuItemText:function(c,a){var d=parseInt(c.text.replace(/[^\d.]/g,""),10)||0;var b=parseInt(a.text.replace(/[^\d.]/g,""),10)||0;return d-b},updateIP:function(b){var c=b.displayIP;var a=String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-data">{0}</p>',c,Ext.util.Format.htmlEncode(c));this.southTable.items.items[3].update(a);this.ipBtn.setText(b.text);this.ipBtn.setTooltip(b.text);this.lastSelectedId=b.interfaceID},updateInterfaces:function(c){this.interfaces=c.interfaces;this.ipBtn.menu.removeAll();this.lastSelectedId=this.lastSelectedId||"";var g=-1,e,d;var k=[];var a=function(){var j=this.displayIP;var i=String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-data">{0}</p>',j,Ext.util.Format.htmlEncode(j));this.parentWidget.southTable.items.items[3].update(i);this.parentWidget.ipBtn.setText(this.text);this.parentWidget.ipBtn.setTooltip(this.text);this.parentWidget.lastSelectedId=this.interfaceID};for(e=0;e<this.interfaces.length;e++){var h=e;var b=this.interfaces[h];var f=SYNO.SDS.Utils.Network.idToString(b.id,b.type);k[e]=new Ext.menu.Item({interfaceID:b.id,text:f,tooltip:f,displayIP:Ext.util.Format.htmlEncode(b.ipaddr),parentWidget:this,listeners:{click:{fn:a,scope:k[e]}}})}k.sort(this.sortMenuItemText);for(d=0;d<k.length;d++){this.ipBtn.menu.addMenuItem(k[d]);if(this.lastSelectedId===k[d].interfaceID){g=d;this.updateIP(k[d])}}if(g==-1&&this.interfaces){this.updateIP(k[0])}},initializeSouthTable:function(){var b=Ext.util.Format.htmlEncode(_T("tcpip","server_name"));var c=Ext.util.Format.htmlEncode(_S("hostname"));var a=Ext.util.Format.htmlEncode(_T("widget","sys_uptime"));this.ipBtn=new SYNO.ux.Button({text:_T("common","ip_addr"),tooltip:_T("common","ip_addr"),cls:"sys-info-btn",menu:new SYNO.ux.Menu({items:[]})});this.southTable=new Ext.Panel({layout:"table",itemId:"southTable",cls:"sys-info-south-table",margins:"0 0 0 0",height:84,width:320,layoutConfig:{columns:2,cellCls:"sys-info-row"},items:[{xtype:"box",html:String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-title">{0}</p>',b,Ext.util.Format.htmlEncode(b))},{xtype:"box",html:String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-data">{0}</p>',c,Ext.util.Format.htmlEncode(c))},{cellCls:"sys-info-row x-row-alt",items:this.ipBtn},{xtype:"box",cellCls:"sys-info-row x-row-alt",html:""},{xtype:"box",html:String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-title">{0}</p>',a,Ext.util.Format.htmlEncode(a))},{xtype:"box",html:""}]})},updateUptime:function(){try{var a=new Date();var l=this.timestamp;var i=this.uptime;var n=Math.round((a.getTime()-l.getTime())/1000);var p=(n)%(60*60)%(60);var c=(n-p)%(60*60)/60;var j=(n-c*60-p)/60/60;var b=i.split(":");var f=parseInt(b[0],10)+j;var g=parseInt(b[1],10)+c;var k=parseInt(b[2],10)+p;if(this.southTable){var d=Ext.util.Format.htmlEncode(this.formatOptTime([f,g,k].join(":")));var o=String.format('<p ext:qtip="{1}" class="syno-sysinfo-system-health-south-data">{0}</p>',d,Ext.util.Format.htmlEncode(d));this.southTable.items.items[5].update(o)}}catch(e){SYNO.Debug("Fail to update uptime"+e);this.onDeactivate();this.onActivate()}},destroy:function(){var a=this;a.onDeactivate();if(a.taskButton){Ext.destroy(a.taskButton)}if(a.southGrid&&a.southGrid.getStore()){a.southGrid.getStore().destroy()}SYNO.SDS.SystemInfoApp.SystemHealthWidget.superclass.destroy.call(this)}});Ext.define("SYNO.SDS.SystemInfoApp.SystemHealthStatusParser",{extend:"Ext.util.Observable",parseResp:function(c){var g="",j=Number.MAX_VALUE,a=null,f;var e=this.getTypeArr();for(var d=0;d<e.length;d++){var h=e[d],b=h.checkStatus(c);if(j>b.priority){g=b.str;j=b.priority;a=b.app}if(b.str){f={status:h.status,title:h.title,str:b.str,appSetting:b.app||h.app};return f}}},getTypeArr:function(){if(!this.typeArr){this.typeArr=[new SYNO.SDS.SystemInfoApp.SystemHealthEmergencyStatus(),new SYNO.SDS.SystemInfoApp.SystemHealthWarningStatus(),new SYNO.SDS.SystemInfoApp.SystemHealthInitialStatus(),new SYNO.SDS.SystemInfoApp.SystemHealthNormalStatus()]}return this.typeArr}});SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp={appInstance:"SYNO.SDS.AdminCenter.Application",launchParam:{fn:"SYNO.SDS.AdminCenter.InfoCenter.Main"}};SYNO.SDS.SystemInfoApp.DefaultStatusValue={str:"",priority:Number.MAX_VALUE,app:SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp};SYNO.SDS.SystemInfoApp.Status=Ext.extend(Object,{type:"normal",status:"normal",title:_T("widget","good_status"),app:SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp,checkStatus:function(a){if(!a){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}return this.onCheckStatus(a)},onCheckStatus:Ext.emptyFn});SYNO.SDS.SystemInfoApp.SystemHealthNormalStatus=Ext.extend(SYNO.SDS.SystemInfoApp.Status,{type:"normal",status:"normal",title:_T("widget","good_status"),app:SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp,onCheckStatus:function(a){return{priority:Number.MAX_VALUE-1,str:_T("widget","system_ok"),app:SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp}}});SYNO.SDS.SystemInfoApp.SystemHealthEmergencyStatus=Ext.extend(SYNO.SDS.SystemInfoApp.Status,{type:"emergency",status:"emergency",title:_T("widget","danger_status"),app:SYNO.SDS.SystemInfoApp.SystemHealthDefaultApp,onCheckStatus:function(e){var a=Number.MAX_VALUE,d,c,b=this.checkVolumeCrashed(e),f=this.getSecurityScanStatus(e.securityScan);Ext.each([b,f],function(g){if(a>g.priority){d=g.str;a=g.priority;c=g.app}});return{priority:a,str:d,app:c}},checkVolumeCrashed:function(e){var a=Number.MAX_VALUE,d,c,b=SYNO.SDS.SystemInfoApp.SystemHealthVolumeCrashed;if(e[b.type]){if(a>b.priority){a=b.priority;d=_T(b.section,b.stringName);c=b.app}}return{priority:a,str:d,app:c}},getSecurityScanStatus:function(a){var b,c;switch(a){case"danger":b=SYNO.SDS.SystemInfoApp.SystemHealthSecurityScanDanger;c=_T(b.section,b.stringName);return{priority:b.priority,str:c,app:b.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue}});SYNO.SDS.SystemInfoApp.SystemHealthInitialStatus=Ext.extend(SYNO.SDS.SystemInfoApp.Status,{type:"initial",status:"initial",title:_T("widget","initial_status"),app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}},onCheckStatus:function(a){return this.checkVolumnStatus(a.vol_info)},checkVolumnStatus:function(l){var f="",j=Number.MAX_VALUE,c=null,g=SYNO.SDS.SystemInfoApp.SystemHealthVolumeCreating;if(!l){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}var m=l;var h=[],b=false,k=SYNO.SDS.Utils.StorageUtils,a,e=0,d;for(;e<m.length;e++){d=l[e];if(d.status==="creating"){if(j>g.priority){a=k.SpaceIDParser(d.volume).str;b=true;h.push(a)}}}if(b){j=g.priority;f=String.format("{0}{1} {2}",h.join(", "),_T("common","colon"),_T(g.section,g.stringName));c=g.app}return{priority:j,str:f,app:c}}});SYNO.SDS.SystemInfoApp.SystemHealthWarningStatus=Ext.extend(SYNO.SDS.SystemInfoApp.Status,{type:"warning",status:"warning",title:_T("widget","attention_status"),app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}},smartWarningStatus:["damage","danger"],onCheckStatus:function(j){this.volWarnings=j.vol_warnings||[];var p=Number.MAX_VALUE,l,d,e=this.checkInitWarning(j),f=this.getVolumnStatus(j.vol_info),b=this.getInodeStatus(j.vol_info),h=this.getUSBVolumeStatus(j.usb_vols),g=this.getSDCardVolumeStatus(j.sdcard_vols),k=this.getESATAVolumeStatus(j.esata_vols),i=this.getDiskStatus(j),q=this.getUPSStatus(j.data),s=this.getMultiPowerStatus(j.multiPower),o=this.getEnclosureStatus(j.enclosure),a=this.getEnclosureFanStatus(j.enclosure),n=this.getEboxPowerStatus(j),m=this.getEboxFanStatus(j),c=this.getHAStatus(j.ha),r=this.getAHAStatus(j.aha);Ext.each([e,f,b,h,g,k,i,q,o,a,s,n,m,c,r],function(t){if(p>t.priority){l=t.str;p=t.priority;d=t.app}});return{priority:p,str:l,app:d}},checkInitWarning:function(g){var b=Number.MAX_VALUE,c,f,e,a=0,d=SYNO.SDS.SystemInfoApp.SystemHealthWarningLookUpTable;for(;a<d.length;a++){c=d[a];if(g[c.type]){if(b>c.priority){b=c.priority;f=_T(c.section,c.stringName);e=c.app}}}return{priority:b,str:f,app:e}},getUPSStatus:function(a){var f="";var c=Number.MAX_VALUE;var e=null;if(!a||!a.ups_enable){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}var g=SYNO.SDS.SystemInfoApp.SystemHealthUPSStatusWarning;var d=null,b=0;for(;b<g.length;b++){d=g[b];if(a.status===d.type){if(c>d.priority){c=d.priority;f=_T(d.section,d.stringName);e=d.app}}}return{priority:c,str:f,app:e}},getDiskStatus:function(c){var g="",d=0;var j=Number.MAX_VALUE;var b=null;var h=c.disks;if(!h){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}var f=SYNO.SDS.SystemInfoApp.SystemHealthDiskSmartStatusWarning;var a=SYNO.SDS.SystemInfoApp.SystemHealthDiskStatusWarning;var e=SYNO.SDS.SystemInfoApp.SystemHealthDiskUncWarning;for(;d<h.length;d++){if(h[d].status===a.type){if(j>a.priority){j=a.priority;g=_T(a.section,a.stringName);b=a.app}}if(Ext.isDefined(h[d].name)&&h[d].name==="eSATA"){continue}if(this.smartWarningStatus.indexOf(h[d].smart_status)!==-1){if(j>f.priority){j=f.priority;g=_T(f.section,f.stringName);b=f.app}}}if(c.bs_thr_exceed===true){if(j>e.priority){j=e.priority;g=_T(e.section,e.stringName)}}return{priority:j,str:g,app:b}},getEboxFanStatus:function(c){var a=[];var b=c.ebox,e=null,h=null;if(b){for(var g=0;g<b.length;g++){e=b[g];h=e.model?e.model:"Expansion Unit";if(e.eunit_fan_fail){a.push(h)}}}if(a.length>0){var j=SYNO.SDS.SystemInfoApp.SystemHealthEboxFanWarning;var f="";for(var d=0;d<a.length;d++){f+=a[d]+": "+_T(j.section,j.stringName)+"<br>"}return{priority:j.priority,str:f,app:j.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getAHAStatus:function(a){var c=SYNO.SDS.SystemInfoApp.SystemHealthAHAWarning;var b=_TT(c.type,c.section,c.stringName);switch(a){case"error":case"warning":return{priority:c.priority,str:b,app:c.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getHAStatus:function(a){var c=SYNO.SDS.SystemInfoApp.SystemHealthHAWarning;var b=_TT(c.type,c.section,c.stringName);switch(a){case"danger":case"warning":case"empty_passive":return{priority:c.priority,str:b,app:c.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getEboxPowerStatus:function(c){var b=[];var a=c.ebox,e=null,h=null;if(a){for(var g=0;g<a.length;g++){e=a[g];h=e.model?e.model:"Expansion Unit";if(Ext.isDefined(e.rp1)&&e.rp1!==1){b.push(h+_T("system","power_supply")+"1")}if(Ext.isDefined(e.rp2)&&e.rp2!==1){b.push(h+_T("system","power_supply")+"2")}}}if(b.length>0){var j=SYNO.SDS.SystemInfoApp.SystemHealthMultiPowerWarning;var f="";for(var d=0;d<b.length;d++){f+=b[d]+": "+_T(j.section,j.stringName)+"<br>"}return{priority:j.priority,str:f,app:j.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getMultiPowerStatus:function(c){var b=[];if(c&&c.support_rp){if(Ext.isDefined(c.rp1)&&c.rp1!==1){b.push(_T("system","power_supply")+"1")}if(Ext.isDefined(c.rp2)&&c.rp2!==1){b.push(_T("system","power_supply")+"2")}}if(b.length>0){var e=SYNO.SDS.SystemInfoApp.SystemHealthMultiPowerWarning;var d="";for(var a=0;a<b.length;a++){d+=b[a]+": "+_T(e.section,e.stringName)+"<br>"}return{priority:e.priority,str:d,app:e.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getEnclosureFanStatus:function(h){var c=[],e=null,b="",d=[];if(!h||!h.support_sas||!Ext.isDefined(h.encInfoList)){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}c=h.encInfoList;for(var a=0;a<c.length;a++){b="";e=c[a];if(!e.eunit_fan_fail){continue}if(true===e.isHost){continue}b=_T("widget","eunit")+" "+String.leftPad(e.id,2,"0");b=b+" fan ";d.push(b)}if(d.length>0){var g=SYNO.SDS.SystemInfoApp.SystemHealthEboxFanWarning;var f=String.format("{0}{1} {2}",d.join(", "),_T("common","colon"),_T(g.section,g.stringName));return{priority:g.priority,str:f,app:g.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getEnclosureStatus:function(e){var a=[];var b=0;if(e&&e.support_sas&&Ext.isDefined(e.encInfoList)){for(b=0;b<e.encInfoList.length;b++){if(1!==e.encInfoList[b].linkStatus){if(true===e.encInfoList[b].isHost){a.push(_T("widget","host"))}else{a.push(_T("widget","eunit")+e.encInfoList[b].id)}}}}if(a.length>0){var d=SYNO.SDS.SystemInfoApp.SystemHealthEnclosureLinkWarning;var c="";for(b=0;b<a.length;b++){c+=a[b]+": "+_T(d.section,d.stringName)+"<br>"}return{priority:d.priority,str:c,app:d.app}}return SYNO.SDS.SystemInfoApp.DefaultStatusValue},getVolumnStatus:function(n){var f="";var k=Number.MAX_VALUE;var c=null;var g=null;if(!n||!this.volWarnings||!this.volWarnings.disk_warning_percent||!parseFloat(this.volWarnings.disk_warning_percent)){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}var p=n;var m=SYNO.SDS.Utils.StorageUtils;var d,h,o,a,l=1;var j=[];var b=false,e=0;for(;e<p.length;e++){d=n[e];if(d.status!=="normal"){continue}a=m.SpaceIDParser(d.volume).str;h=parseInt(d.total_size,10)*l;o=parseInt(d.used_size,10)*l;if((h-o)/h<parseFloat(this.volWarnings.disk_warning_percent)){g=SYNO.SDS.SystemInfoApp.SystemHealthVolumeSpaceWarning;if(k>g.priority){b=true;j.push(a)}}}if(b){k=g.priority;f=String.format("{0}{1} {2}",j.join(", "),_T("common","colon"),_T(g.section,g.stringName));c=g.app}return{priority:k,str:f,app:c}},getInodeStatus:function(n){var g="";var l=Number.MAX_VALUE;var c=null;var h=null;if(!n||!this.volWarnings||!this.volWarnings.disk_inode_warning_percent||!parseFloat(this.volWarnings.disk_inode_warning_percent)){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}var o=n;var m=SYNO.SDS.Utils.StorageUtils;var d,j,f,a;var k=[];var b=false,e=0;for(;e<o.length;e++){d=n[e];if(d.status!=="normal"){continue}a=m.SpaceIDParser(d.volume).str;j=parseInt(d.inode_total,10);f=parseInt(d.inode_free,10);if((f)/j<parseFloat(this.volWarnings.disk_inode_warning_percent)){h=SYNO.SDS.SystemInfoApp.SystemHealthInodeFullWarning;if(l>h.priority){b=true;k.push(a)}}}if(b){l=h.priority;g=String.format("{0}{1} {2}",k.join(", "),_T("common","colon"),_T(h.section,h.stringName));c=h.app}return{priority:l,str:g,app:c}},formatEsataVolStr:function(a){var b=_T("rsrcmonitor","disk");return/satashare/.test(a)?"eSATA "+b+" 1":a},formatUSBVolStr:function(a){var c=_T("rsrcmonitor","disk"),d="{0} {1} {2}",b=a.match(/^usbshare(\d-*\d*)/);return b?String.format(d,"USB",c,b[1]):a},formatSDCardVolStr:function(a){var c=_T("tree","leaf_sdcard"),d="{0} {1}",b=a.match(/^sdshare(\d-*\d*)/);return b?String.format(d,c,b[1]):a},getExternalVolumeStatus:function(r,q,h,n){var g="";var o=Number.MAX_VALUE;var e=null;var b=null,a;if(!r||!this.volWarnings){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}if(!h&&!parseFloat(h)){return SYNO.SDS.SystemInfoApp.DefaultStatusValue}a=parseFloat(h);var p=r;var l,s,c,m,f=1;var d=[];var j=false,k=0;for(;k<p.length;k++){l=r[k];m=l.volume;s=parseInt(l.total_size,10)*f;c=parseInt(l.used_size,10)*f;if((s-c)/s<a){b=SYNO.SDS.SystemInfoApp.SystemHealthVolumeSpaceWarning;if(o>b.priority){j=true;d.push(n.call(this,m))}}}if(j){o=b.priority;g=String.format("{0}{1} {2}",d.join(", "),_T("common","colon"),_T(b.section,b.stringName));e=b.app}return{priority:o,str:g,app:e}},getUSBVolumeStatus:function(a){return this.getExternalVolumeStatus(a,this.volWarnings.usb_disk_warning_percent,this.volWarnings.usb_partition_warning_percent,this.formatUSBVolStr)},getESATAVolumeStatus:function(a){return this.getExternalVolumeStatus(a,this.volWarnings.esata_disk_warning_percent,this.volWarnings.esata_partition_warning_percent,this.formatEsataVolStr)},getSDCardVolumeStatus:function(a){return this.getExternalVolumeStatus(a,this.volWarnings.sdcard_warning_percent,this.volWarnings.sdcard_partition_warning_percent,this.formatSDCardVolStr)}});SYNO.SDS.SystemInfoApp.SystemHealthVolumeCrashed={type:"crashed_vol",section:"widget",stringName:"volume_crashed",priority:3,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthSecurityScanDanger={type:"SYNO.SDS.SecurityScan.Instance",section:"securityscan",stringName:"securityscan_system_danger_desc",priority:4,app:{appInstance:"SYNO.SDS.SecurityScan.Instance"}};SYNO.SDS.SystemInfoApp.SystemHealthVolumeCreating={type:"creating_volume",section:"widget",stringName:"creating_volume",priority:2,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthVolumeSpaceWarning={type:"available_volume_space_warning",section:"widget",stringName:(_D("maxdisks")==="0")?"usb_available_volume_space_warning":"available_volume_space_warning",priority:9,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthInodeFullWarning={type:"available_inode_full_warning",section:"widget",stringName:(_D("maxdisks")==="0")?"usb_available_inode_full_warning":"available_inode_full_warning",priority:9,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthDiskSmartStatusWarning={type:"hdd_smart_status_error",section:"widget",stringName:"hdd_smart_status_error",priority:7.1,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Disk.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthDiskStatusWarning={type:"system_crashed",section:"volume",stringName:"volume_diskfailedsys",priority:2.5,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Disk.Main"}}};SYNO.SDS.SystemInfoApp.SystemHealthDiskUncWarning={type:"unc_exceeded",section:"disk_info",stringName:"disk_bad_sector_thr_warn_msg",priority:7.2};SYNO.SDS.SystemInfoApp.SystemHealthMultiPowerWarning={type:"multi_failed_power",section:"common",stringName:"status_abnormal",priority:3.9};SYNO.SDS.SystemInfoApp.SystemHealthEnclosureLinkWarning={type:"enclosure_link_failed",section:"widget",stringName:"link_fail",priority:7.5};SYNO.SDS.SystemInfoApp.SystemHealthEboxFanWarning={type:"eunit_fan_fail",section:"widget",stringName:"eunit_fan_fail",priority:2};SYNO.SDS.SystemInfoApp.SystemHealthAHAWarning={type:"SYNO.SDS.AHA.Instance",section:"overview",stringName:"desc_ha_abnormal",priority:-1,app:{appInstance:"SYNO.SDS.AHA.Instance"}};SYNO.SDS.SystemInfoApp.SystemHealthHAWarning={type:"SYNO.SDS.HA.Instance",section:"overview",stringName:"desc_ha_abnormal",priority:-1,app:{appInstance:"SYNO.SDS.HA.Instance"}};SYNO.SDS.SystemInfoApp.SystemHealthUPSStatusWarning=[{type:"usb_ups_status_battery",section:"widget",stringName:"usb_ups_status_battery",priority:5,app:{appInstance:"SYNO.SDS.AdminCenter.Application",launchParam:{fn:"SYNO.SDS.AdminCenter.HardwareControl.Main"}}},{type:"usb_ups_status_low_batt",section:"widget",stringName:"usb_ups_status_low_batt",priority:5,app:{appInstance:"SYNO.SDS.AdminCenter.Application",launchParam:{fn:"SYNO.SDS.AdminCenter.HardwareControl.Main"}}}];SYNO.SDS.SystemInfoApp.SystemHealthWarningLookUpTable=[{type:"failed_fan",section:"widget",stringName:"fan_fail",priority:0},{type:"failed_fan_only_one",section:"widget",stringName:"fan_fail",priority:0},{type:"cpu_failed_fan",section:"widget",stringName:"cpu_fan_fail",priority:1},{type:"is_system_crashed",section:"widget",stringName:"is_system_crashed",priority:2.9,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Volume.Main"}}},{type:"disk_contains_crashed_space",section:"widget",stringName:"volume_crashed",priority:3.1,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Disk.Main"}}},{type:"failed_power",section:"widget",stringName:"power_fail",priority:4},{type:"temperature_warning",section:"widget",stringName:"temperature_warning",priority:6},{type:"apache_is_default",section:"widget",stringName:"apache_statup_failed",priority:10},{type:"degrade_vol",section:"widget",stringName:"volume_degraded",priority:7,app:{appInstance:"SYNO.SDS.StorageManager.Instance",launchParam:{fn:"SYNO.SDS.StorageManager.Pool.Main"}}}];
tobincake1471
I'm New!
I'm New!
Posts: 3
Joined: Tue Mar 29, 2016 12:37 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby tobincake1471 » Tue Apr 05, 2016 12:13 am

This has been happening to me too. It started on Saturday. I'm relieved to see that it's happening to others as well (I think?)
User avatar
maxxfi
Compiler
Compiler
Posts: 6794
Joined: Sun Dec 27, 2009 12:13 pm
Location: Espoo, Finland

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby maxxfi » Tue Apr 05, 2016 6:10 am

If (as it seems) it's an isolated file, try to send it to virustotal.com and see whether any other antivirus picks it up.
If not, send a message to the Microsoft security team reporting a false positive detection.
No longer using Synology NAS, moved to more open source solutions.
DS-106j > DS-210j > DS-411
gator
Student
Student
Posts: 76
Joined: Sun Oct 27, 2013 3:06 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby gator » Tue Apr 05, 2016 7:07 am

I sent it to ms through windows defender when I first got it. I believe it has already been fixed as I am not getting any messages about it any more.
tamanaco
Beginner
Beginner
Posts: 29
Joined: Mon Mar 28, 2016 10:14 pm

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby tamanaco » Tue Apr 05, 2016 5:18 pm

I also started experiencing this issue after the DSM 6.0 update. I believe that it's being caused by the DSM Widgets. I sent the resulting cache file to MS several times, but I don't think it has been flagged yet. I applied today's updates to Windows Defender definitions and the issue remains.
cheadstina
I'm New!
I'm New!
Posts: 8
Joined: Mon Mar 12, 2012 11:10 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby cheadstina » Tue Apr 05, 2016 9:00 pm

I'm also getting this, hopefully a false positive :D :roll: :twisted:
LYuan
Novice
Novice
Posts: 59
Joined: Fri Jun 04, 2010 6:53 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby LYuan » Wed Apr 06, 2016 4:38 am

I'm getting this too; started getting it yesterday...

I don't get it in Microsoft Edge Browser though.

L.
User avatar
McBrown
Trainee
Trainee
Posts: 13
Joined: Wed Sep 16, 2015 12:23 am

Re: Detplock mallware, while visiting DSM6.0 Web-GUI

Postby McBrown » Wed Apr 06, 2016 3:00 pm

I got an reply from Synology, it's fixed after I updated Windows Defender
DS415play - 32TB (4 × Seagate Archive 8TB), RAID-5

Return to “The Lounge”

Who is online

Users browsing this forum: No registered users and 3 guests