我的 12.04 系统刚刚感染了病毒,它正在该区域自我复制大量垃圾目录/proc/
。
这可能很快就会让我的电脑彻底崩溃。即使以 root 身份,我也无法删除任何垃圾。
如何对以 root 身份肆意运行的 Ubuntu 系统进行杀毒?
答案1
/proc
是一个虚拟文件系统;它应该包含一大堆内容,甚至无法以 root 身份删除。它包含代表系统中正在运行的每个进程的文件夹,以及用于提供内核其他信息的各种其他文件。其中的文件与磁盘/proc
上的任何内容都不对应;在大多数情况下,删除没有任何意义;它不对应于可以对所代表的流程和其他结构采取的任何特定行动。
这是我的正常情况/proc
:
ek@Kip:~$ ls -l /proc
total 0
dr-xr-xr-x 8 root root 0 Apr 2 02:15 1
dr-xr-xr-x 8 root root 0 Apr 2 09:56 10
dr-xr-xr-x 8 ek ek 0 Apr 1 20:28 10204
dr-xr-xr-x 8 messagebus messagebus 0 Apr 2 09:56 1094
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1119
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1120
dr-xr-xr-x 8 root root 0 Apr 2 09:56 11231
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1127
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11396
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11398
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11399
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11400
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11404
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11428
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11436
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11461
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11481
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11489
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1150
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11510
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11518
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11536
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1155
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11550
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11557
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11564
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11609
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11627
dr-xr-xr-x 8 ek ek 0 Mar 26 21:29 11646
dr-xr-xr-x 8 ek ek 0 Mar 26 21:30 11688
dr-xr-xr-x 8 ek ek 0 Mar 26 21:30 11696
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1171
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1172
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1175
dr-xr-xr-x 8 ek ek 0 Mar 26 21:30 11811
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1183
dr-xr-xr-x 8 avahi avahi 0 Apr 2 09:56 1184
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1185
dr-xr-xr-x 8 avahi avahi 0 Apr 2 09:56 1188
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1190
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1191
dr-xr-xr-x 8 daemon daemon 0 Apr 2 09:56 1192
dr-xr-xr-x 8 root root 0 Apr 2 09:56 12
dr-xr-xr-x 8 ek ek 0 Apr 2 01:25 12174
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1224
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1232
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1248
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1251
dr-xr-xr-x 8 whoopsie whoopsie 0 Apr 2 09:56 1272
dr-xr-xr-x 8 root root 0 Apr 2 09:56 13
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1314
dr-xr-xr-x 8 ek ek 0 Mar 22 07:50 13357
dr-xr-xr-x 8 root root 0 Apr 2 09:56 13643
dr-xr-xr-x 8 root root 0 Apr 2 09:56 14
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1477
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1495
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15968
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15969
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15970
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15971
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15981
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15982
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15983
dr-xr-xr-x 8 root root 0 Apr 2 09:56 15984
dr-xr-xr-x 8 root root 0 Apr 2 09:56 16
dr-xr-xr-x 8 ek ek 0 Apr 2 03:35 16019
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1610
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1660
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1664
dr-xr-xr-x 8 nobody dip 0 Apr 2 09:56 1667
dr-xr-xr-x 8 ek ek 0 Apr 2 04:09 16987
dr-xr-xr-x 8 root root 0 Apr 2 09:00 17930
dr-xr-xr-x 8 root root 0 Apr 2 09:56 18
dr-xr-xr-x 8 root root 0 Apr 2 09:00 18046
dr-xr-xr-x 8 ek ek 0 Apr 2 09:01 18098
dr-xr-xr-x 8 root root 0 Apr 2 09:15 18196
dr-xr-xr-x 8 root root 0 Apr 2 09:23 18245
dr-xr-xr-x 8 root root 0 Apr 2 09:23 18287
dr-xr-xr-x 8 root root 0 Apr 2 09:56 1856
dr-xr-xr-x 8 ek ek 0 Apr 2 09:49 18659
dr-xr-xr-x 8 root root 0 Apr 2 09:56 19
dr-xr-xr-x 8 root root 0 Apr 2 10:38 19096
dr-xr-xr-x 8 root root 0 Apr 2 10:45 19188
dr-xr-xr-x 8 root root 0 Apr 2 11:00 19262
dr-xr-xr-x 8 root root 0 Apr 2 11:06 19298
dr-xr-xr-x 8 ek ek 0 Apr 2 11:06 19315
dr-xr-xr-x 8 colord colord 0 Mar 21 06:52 1992
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2
dr-xr-xr-x 8 root root 0 Apr 2 09:56 20
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2006
dr-xr-xr-x 8 rtkit rtkit 0 Apr 2 09:56 2065
dr-xr-xr-x 8 root root 0 Apr 2 09:56 21
dr-xr-xr-x 8 ntp ntp 0 Mar 21 06:53 2101
dr-xr-xr-x 8 root root 0 Apr 2 09:56 214
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2161
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2172
dr-xr-xr-x 8 root root 0 Apr 2 09:56 22
dr-xr-xr-x 8 ek ek 0 Mar 21 06:55 2215
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2218
dr-xr-xr-x 8 ek ek 0 Mar 21 06:55 2219
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2230
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2234
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2243
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2249
dr-xr-xr-x 8 root root 0 Apr 2 09:56 225
dr-xr-xr-x 8 ek ek 0 Mar 29 09:39 22514
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2256
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2257
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2258
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2260
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2264
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2268
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2271
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2275
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2278
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2280
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2287
dr-xr-xr-x 8 root root 0 Mar 21 06:53 2290
dr-xr-xr-x 8 root root 0 Apr 2 09:56 23
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2303
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2305
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2307
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2311
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2317
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2331
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2335
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2346
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2348
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2357
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2372
dr-xr-xr-x 8 root root 0 Apr 2 09:56 24
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2425
dr-xr-xr-x 8 ek ek 0 Apr 2 01:25 24576
dr-xr-xr-x 8 ek ek 0 Mar 21 06:53 2461
dr-xr-xr-x 8 ek ek 0 Mar 29 13:56 25198
dr-xr-xr-x 8 ek ek 0 Mar 21 06:54 2528
dr-xr-xr-x 8 ek ek 0 Mar 21 06:55 2588
dr-xr-xr-x 8 root root 0 Apr 2 09:56 26
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2603
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2679
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2680
dr-xr-xr-x 8 root root 0 Apr 2 09:56 27
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2700
dr-xr-xr-x 8 root root 0 Apr 2 09:56 2701
dr-xr-xr-x 8 ek ek 0 Mar 21 06:54 2727
dr-xr-xr-x 8 ek ek 0 Mar 21 07:34 27582
dr-xr-xr-x 8 ek ek 0 Mar 21 07:34 27588
dr-xr-xr-x 8 ek ek 0 Mar 21 08:23 27926
dr-xr-xr-x 8 root root 0 Apr 2 09:56 28
dr-xr-xr-x 8 ek ek 0 Mar 21 09:01 28249
dr-xr-xr-x 8 ek ek 0 Mar 29 14:44 28271
dr-xr-xr-x 8 root root 0 Apr 2 09:56 283
dr-xr-xr-x 8 root root 0 Apr 2 09:56 284
dr-xr-xr-x 8 ek ek 0 Mar 29 15:17 28655
dr-xr-xr-x 8 root root 0 Apr 2 09:56 28823
dr-xr-xr-x 8 ek ek 0 Mar 21 10:17 28948
dr-xr-xr-x 8 root root 0 Apr 2 09:56 29
dr-xr-xr-x 8 ek ek 0 Mar 21 10:17 29039
dr-xr-xr-x 8 ek ek 0 Mar 26 09:30 29937
dr-xr-xr-x 8 root root 0 Apr 2 09:56 3
dr-xr-xr-x 8 root root 0 Apr 2 09:56 30
dr-xr-xr-x 8 ek ek 0 Mar 28 10:09 303
dr-xr-xr-x 8 ek ek 0 Mar 22 12:37 30649
dr-xr-xr-x 8 ek ek 0 Mar 31 17:23 30701
dr-xr-xr-x 8 ek ek 0 Mar 29 18:48 30781
dr-xr-xr-x 8 root root 0 Apr 2 09:56 31
dr-xr-xr-x 8 root root 0 Apr 2 09:56 32
dr-xr-xr-x 8 ek ek 0 Mar 21 07:00 3492
dr-xr-xr-x 8 root root 0 Apr 2 09:56 374
dr-xr-xr-x 8 root root 0 Apr 2 09:56 376
dr-xr-xr-x 8 root root 0 Apr 2 09:56 380
dr-xr-xr-x 8 root root 0 Apr 2 09:56 40
dr-xr-xr-x 8 root root 0 Apr 2 09:56 44
dr-xr-xr-x 8 root root 0 Apr 2 09:56 45
dr-xr-xr-x 8 root root 0 Apr 2 09:56 6
dr-xr-xr-x 8 root root 0 Apr 2 09:56 64
dr-xr-xr-x 8 root root 0 Apr 2 09:56 680
dr-xr-xr-x 8 root root 0 Apr 2 09:56 687
dr-xr-xr-x 8 root root 0 Apr 2 09:56 688
dr-xr-xr-x 8 root root 0 Apr 2 09:56 7
dr-xr-xr-x 8 ek ek 0 Apr 1 14:32 7216
dr-xr-xr-x 8 ek utmp 0 Apr 1 14:32 7220
dr-xr-xr-x 8 ek ek 0 Apr 1 14:32 7221
dr-xr-xr-x 8 root root 0 Apr 2 09:56 725
dr-xr-xr-x 8 root root 0 Apr 2 09:56 734
dr-xr-xr-x 8 root root 0 Apr 2 09:56 757
dr-xr-xr-x 8 root root 0 Apr 2 09:56 764
dr-xr-xr-x 8 root root 0 Apr 2 09:56 8
dr-xr-xr-x 8 root root 0 Apr 2 09:56 814
dr-xr-xr-x 8 root root 0 Apr 2 09:56 883
dr-xr-xr-x 8 root root 0 Apr 2 09:56 884
dr-xr-xr-x 8 root root 0 Apr 2 09:56 951
dr-xr-xr-x 8 syslog syslog 0 Apr 2 09:56 987
dr-xr-xr-x 5 root root 0 Mar 21 06:52 acpi
dr-xr-xr-x 5 root root 0 Apr 2 11:06 asound
-r--r--r-- 1 root root 0 Apr 2 11:06 buddyinfo
dr-xr-xr-x 4 root root 0 Apr 2 11:06 bus
-r--r--r-- 1 root root 0 Apr 2 11:06 cgroups
-r--r--r-- 1 root root 0 Apr 2 11:06 cmdline
-r--r--r-- 1 root root 0 Apr 2 11:06 consoles
-r--r--r-- 1 root root 0 Apr 2 11:06 cpuinfo
-r--r--r-- 1 root root 0 Apr 2 11:06 crypto
-r--r--r-- 1 root root 0 Apr 2 11:06 devices
dr-xr-xr-x 2 root root 0 Apr 2 11:06 device-tree
-r--r--r-- 1 root root 0 Apr 2 11:06 diskstats
-r--r--r-- 1 root root 0 Apr 2 11:06 dma
dr-xr-xr-x 3 root root 0 Apr 2 11:06 dri
dr-xr-xr-x 2 root root 0 Apr 2 11:06 driver
-r--r--r-- 1 root root 0 Apr 2 11:06 execdomains
-r--r--r-- 1 root root 0 Apr 2 11:06 fb
-r--r--r-- 1 root root 0 Apr 2 11:06 filesystems
dr-xr-xr-x 8 root root 0 Apr 2 11:06 fs
-r--r--r-- 1 root root 0 Mar 21 06:53 interrupts
-r--r--r-- 1 root root 0 Apr 2 11:06 iomem
-r--r--r-- 1 root root 0 Apr 2 11:06 ioports
dr-xr-xr-x 28 root root 0 Apr 2 11:06 irq
-r--r--r-- 1 root root 0 Apr 2 11:06 kallsyms
-r-------- 1 root root 1065349120 Apr 2 11:06 kcore
-r--r--r-- 1 root root 0 Apr 2 11:06 key-users
-r-------- 1 root root 0 Mar 21 06:52 kmsg
-r-------- 1 root root 0 Apr 2 11:06 kpagecount
-r-------- 1 root root 0 Apr 2 11:06 kpageflags
-rw-r--r-- 1 root root 0 Apr 2 11:06 latency_stats
-r--r--r-- 1 root root 0 Apr 2 11:06 loadavg
-r--r--r-- 1 root root 0 Apr 2 11:06 locks
-r--r--r-- 1 root root 0 Apr 2 11:06 mdstat
-r--r--r-- 1 root root 0 Apr 2 11:06 meminfo
-r--r--r-- 1 root root 0 Apr 2 11:06 misc
-r--r--r-- 1 root root 0 Apr 2 11:06 modules
lrwxrwxrwx 1 root root 11 Apr 2 11:06 mounts -> self/mounts
-r--r--r-- 1 root root 0 Apr 2 11:06 mtd
-rw-r--r-- 1 root root 0 Mar 21 06:52 mtrr
lrwxrwxrwx 1 root root 8 Apr 2 11:06 net -> self/net
-r--r--r-- 1 root root 0 Apr 2 11:06 pagetypeinfo
-r--r--r-- 1 root root 0 Apr 2 11:06 partitions
-r--r--r-- 1 root root 0 Apr 2 11:06 sched_debug
-r--r--r-- 1 root root 0 Apr 2 11:06 schedstat
dr-xr-xr-x 4 root root 0 Apr 2 11:06 scsi
lrwxrwxrwx 1 root root 64 Mar 24 08:06 self -> 19315
-r-------- 1 root root 0 Apr 2 11:06 slabinfo
-r--r--r-- 1 root root 0 Apr 2 11:06 softirqs
-r--r--r-- 1 root root 0 Apr 2 11:06 stat
-r--r--r-- 1 root root 0 Mar 21 06:53 swaps
dr-xr-xr-x 1 root root 0 Mar 21 02:52 sys
--w------- 1 root root 0 Apr 2 11:06 sysrq-trigger
dr-xr-xr-x 2 root root 0 Apr 2 11:06 sysvipc
-r--r--r-- 1 root root 0 Apr 2 11:06 timer_list
-rw-r--r-- 1 root root 0 Apr 2 11:06 timer_stats
dr-xr-xr-x 4 root root 0 Apr 2 11:06 tty
-r--r--r-- 1 root root 0 Apr 2 11:06 uptime
-r--r--r-- 1 root root 0 Apr 2 11:06 version
-r--r--r-- 1 root root 0 Apr 2 11:06 version_signature
-r-------- 1 root root 0 Apr 2 11:06 vmallocinfo
-r--r--r-- 1 root root 0 Apr 2 11:06 vmstat
-r--r--r-- 1 root root 0 Apr 2 11:06 zoneinfo
您的目录中应该有类似的文件和目录。您会注意到所有文件夹的名称都以数字表示。我猜这些就是您所说的“垃圾目录”。事实并非如此——每个目录都代表系统上当前正在运行的一个进程;您甚至可以进入它(如果您拥有该进程或作为 root 用户)并检查有关该进程的信息。