Message meets Alert condition
Virus/Worm detected: Riskware/PNScan; Protocol: HTTP; Email Address From: ; Email Address To: ; VIRUS REFERENCE URL: http://www.fortinet.com/ve?vn=Riskware%2FPNScan
date=2022-04-27 time=11:47:33 devname=lwl-fw01 devid=FG5H1E5818904401 eventtime=1651074452676061272 tz="-0400" logid="0211008192" type="utm" subtype="virus" eventtype="infected" level="warning" vd="root" policyid=3 poluuid="77ca244c-63d6-51e9-39c0-8708754d312b" policytype="policy" msg="File is infected." action="blocked" service="HTTP" sessionid=253634138 srcip=10.7.8.19 dstip=91.189.91.38 srcport=54842 dstport=80 srccountry="Reserved" dstcountry="United States" srcintf="internal" srcintfrole="undefined" dstintf="crowncastle_wan" dstintfrole="undefined" srcuuid="814e66ca-63d8-51e9-a95a-7e6e0458e39c" dstuuid="4e078448-da78-51e8-7462-b6fca7129d87" proto=6 direction="incoming" filename="pnscan_1.14.1-1_amd64.deb" quarskip="Quarantine-disabled" virus="Riskware/PNScan" viruscat="Riskware" dtype="av-engine" ref="http://www.fortinet.com/ve?vn=Riskware%2FPNScan" virusid=7439030 url="http://archive.ubuntu.com/ubuntu/pool/universe/p/pnscan/pnscan_1.14.1-1_amd64.deb" profile="default" agent="libwww-perl/6.61" analyticscksum="ee0aa7012226ce63cdf54f819c1b0b2b0a960275f7c47c64b55d1e0f607f1d2f" analyticssubmit="false" crscore=50 craction=2 crlevel="critical"
以上是我们的防火墙收到的警报
Files to download: 33 kiB
[ 98%] Getting: pool/main/n/networkd-dispatcher/networkd-dispatcher_2.1-2ubuntu0.22.04.1_all.deb... #** GET http://archive.ubuntu.com/ubuntu/pool/main/n/networkd-dispatcher/networkd-dispatcher_2.1-2ubuntu0.22.04.1_all.deb ==> 200 OK
ok
[ 99%] Getting: pool/universe/p/pnscan/pnscan_1.14.1-1_amd64.deb... #** GET http://archive.ubuntu.com/ubuntu/pool/universe/p/pnscan/pnscan_1.14.1-1_amd64.deb ==> 200 OK (1s)
read failed: Connection reset by peer at /usr/share/perl5/LWP/Protocol/http.pm line 471. at /usr/bin/debmirror line 1828.
Downloaded 1375 kiB in 13s at 105.81 kiB/s.
Everything OK. Moving meta files ...
Cleanup mirror.
All done.
Errors:
read failed: Connection reset by peer at /usr/share/perl5/LWP/Protocol/http.pm line 471. at /usr/bin/debmirror line 1828.
Failed to download files (1 errors)!
it@ubuntu-mirror-2204:/opt/UbuntuMirror$
答案1
如果您只想摆脱病毒,请将要保留的文件传输到闪存驱动器,然后全新重新安装操作系统。这就是 Linux 的魅力所在,如果您破坏了它,您随时可以重新开始。