Centos6 服务器病毒查杀命令历史

top
whereis vhowazeclu 
ll /usr/bin/v*
more /usr/bin/vhowazeclu 
ps aux|grep vhowa
ps aux|grep vhowazeclu
top
sudo kill -9 12789
top
whereis nwymhcrsts
crontab -L
crontab -l
crontab -u root -l
sudo crontab -u root -l
top
ll /usr/bin/nw*
ll /usr/bin/
ll /usr/bin/v*
ll /usr/bin/nw*
sz /usr/bin/nwymhcrsts 
sudo who /var/log/wtmp
ll /var/www/html
sudo more /etc/passwd
sudo more /var/log/messages
sudo more /var/log/messages-20151206 
sudo more /var/log/messages-20151213 
sudo yum install clamd
top
whereis gfty
top
sudo more /root/.bash_history
history
ll
chkconfig --list
chkconfig --list|grep 3:on
ll /etc/init.d/nw*
more /etc/init.d/nwymhcrsts 
more /etc/init.d/iomhsvcscl 
ll /boot/
sz /boot/iomhsvcscl 
ll /usr/bin/nwymhcrsts 
ll
ll /usr/bin/nwymhcrsts 
ll /boot/

ll /boot/
sudo /sbin/service stop iomhsvcscl
sudo rm /etc/init.d/iomhsvcscl 
sudo rm /etc/init.d/nwymhcrsts 
sudo rm /usr/bin/nwymhcrsts 
ps aux|grep nwym
top
sudo kill -9 17439
top
whereis gfty
sudo find / -name "gftp"
top
ll
chkconfig --list
chkconfig --list|grep 3:on
sudo /sbin/service fwcxsowfpo stop
chkconfig --list|grep 3:on
ll
ll /boot/
history
sudo who /var/log/wtmp
cd /opt/nginx/
ll
more conf/nginx.conf
ll
ps aux|grep nginx
chkconfig --list|grep 3:on
vi /etc/crontab 
chkconfig --list|grep 3:on
top
ll /boot/
ll /etc/init.d/
top
qqqqqq
sudo yum update udev
sudo /sbin/service udev restart
ll /etc/init.d/
sudo /sbin/service udev-post restart
sudo /sbin/service udev-post reload
top
sudo kill -9 31966
top
whereis iomhsvcscl
sudo find -name "iomhsvcscl"
top
sudo kill -9 8199
sudo kill -9 6983
top
ll
ll /lib/udev/
ll /boot/
netstat -anp
ll
cd /b
cd /boot/
ll
sudo rm mrudpgugqo 
ll
top
sudo kill -9 7430
top
history
sudo yum install clamd
sudo service clamd start
freshclam
sudo freshclam
sudo service clamd start
sudo clamscan
top
ll /boot/
ll
top
sudo kill -9 9644
top
ll /usr/bin/bu*
top
exit
ll
ll /etc/cron.hourly/
more /etc/cron.hourly/cron.sh 
more /etc/cron.hourly/kill.sh 
ll /lib/libkill*
ll /lib/libki*
ll /lib/libki*.*
sudo rm /etc/cron.hourly/cron.sh
sudo rm /etc/cron.hourly/kill.sh 
exit
ll
echo $PATH
whereis kill
ll /bin/kill
ll /lib/libkill*
sudo rm /lib/libkill.so 
ll /lib/
ll /lib/udev/
sudo rm /lib/udev/udev
ll /lib/udev/
ll /boot/
sudo reboot
top
ll /etc/init.d/
sudo rm /etc/init.d/bukvldtgol
ll
echo $PATH
top
sudo /bin/kill -9 950
top
ll
top
more /etc/init.d/esyaqrszzf 
sudo rm /usr/bin/esyaqrszzf 
top
ll /etc/cron.hourly/
ll /etc/cron.daily/
ll /etc/cron.weekly/
ll /etc/cron.monthly/
ll /etc/cron.d
more /etc/crontab 
sudo vi /etc/crontab 
sudo rm /etc/cron.monthly/readahead-monthly.cron 
ll
top
sudo /bin/kill -9 1719
top
ll
ll /boot/
ll /lib/udev/
ll /lib/lib*
sudo rm /lib/libkill.so
ll /lib/lib*
clear
ll /lib/lib*
sudo rm /lib/libkill.so
ll /lib/lib*
whereis rm
ll /bin/
ll
ps aux|grep kill
top
sudo kill -9 2238 & sudo rm /lib/libkill.so
ll /lib/lib*
sudo vi /lib/libkill.so 
ll /lib/lib*
top
sudo kill -9 3005
top
sudo find / -name "gfty"
ll /tmp/
sz /tmp/gfty 
sudo rm /tmp/gfty 
sudo chattr -a /tmp/gfty 
sudo rm /tmp/gfty 
cd /tmp/
ll
sudo chattr -i /tmp/gfty 
sudo rm /tmp/gfty 
ll
ll ssh-xeYWxg1130/
cd
top
sudo find / -name "gfty"
top
sudo /bin/kill -9 1058
top
sudo find / -name "gfty"
sudo /bin/kill -9 3456
cd /tmp/
ll
sudo chattr -i gfty 
sudo rm gfty 
ll
top
sudo find / -name "getty"
ll /usr/bin/bsd-port/
sudo rm -r /usr/bin/bsd-port/
ll /usr/bin/b*
sudo kill -9 3462
ll /usr/bin/b*
ll /tmp/
sudo chattr -i gfty 
sudo rm gfty 
ll
top
ll
sudo find / -name "geetty"
sudo find / -name "getty"
sudo find / -name "gfty"
ll
ll /usr/bin/b*
whereis gfty
whereis getty
top
ps aux|grep gfty
ps aux|grep getty
ll /sbin/mingetty
ll 
ll -a
sudo kill -9 980
ps aux|grep getty
ps aux|grep gfty
sudo kill -9 992
ps aux|grep gfty
sudo kill -9 992
sudo kill -9 3680
sudo kill -9 992
ps aux|grep gfty
ll
sudo chattr -i gfty
sudo rm gfty
ll
sudo kill -9 3868
top
sudo kill -9 3877
ll
top
cd
ps aux|grep clam
sudo clamscan -r /
sudo clamscan -r /usr --remove
sudo clamscan -r /lib -i
ll /lib/lib*
sudo clamscan -r /lib
sudo clamscan /lib
sudo freshclam
sudo clamscan /boot/
sudo clamscan /usr/bin/
sudo clamscan /tmp/
sudo service clamd start
sudo service clamd status
cd /tmp/
sudo chattr -i gfty
sudo rm gfty 
ll
clamscan -V
sudo service clamd status
top
sudo find / -name getty
sudo clamscan -r /usr/bin/bsd-port/
sudo rm -r /usr/bin/bsd-port/
sudo kill -9 3948
ll /usr/bin/b*
ll
top
ll
sudo find / -name getty
ps aux|grep getty
ps |grep getty
top -c
ll /usr/bin/b* -a
sudo kill 3686
top -c
ll /usr/local/aegis/aegis_client/
ll /usr/local/aegis/aegis_update/
more /usr/local/aegis/aegis_update/install.sh 
sudo more /usr/local/aegis/aegis_update/install.sh 
top
top -c
sudo chattr -i gfty
ll
sudo kill -9 3942
top -c
ll /sbin/i*
top -c
sudo kill -9 4230
top -c
sudo kill -9 4236
rm -r /usr/bin/bsd-port/
sudo rm -r /usr/bin/bsd-port/
top -c
sudo clamscan -r /usr/local/aegis/
ll /lib/lib*
sudo rm /lib/libkill*.*
ll /lib/lib*
ll /etc/cron.hourly/
more /etc/cron.hourly/kill.sh 
sudo rm /etc/cron.hourly/kill.sh 
ll /proc/net/dev/
more /proc/net/dev
sudo service crontab restart
sudo service crond restart
sudo service crond stop
ll /lib/lib*
ll
sudo chattr -i gfty 
sudo rm gfty 
ll /usr/bin/bs*
cd /usr/bin/
ls bs*
ls
ls bs*.*
ls bs*
sudo rm -r bsd-port/
top
top -c
sudo kill -9 4293
top -c
sudo kill -9 4302
top -c
cd /tmp/
ll
sudo chmod 000 gates.lod 
ll
sudo chattr -i gfty 
sudo rm gfty 
sudo chmod 000 moni.lod 
sudo service sendmail stop
rm -rf /usr/bin/bsd-port/
sudo rm -rf /usr/bin/bsd-port/
sudo rm moni.lod 
sudo rm gates.lod 
ll /bin/
sudo rm /bin/ps
sudo clamscan -r /bin/
sudo rm /bin/netstat 
whereis top
ll /usr/bin/
sudo clamscan -r /usr/bin/
sudo clamscan -r /usr/bin/ --remove
ll
sudo chattr -i gfty 
sudo rm gfty 
top -c
sudo rm -r /usr/bin/bsd-port/
sudo kill -9 4432
top -c
sudo kill -9 4516
top -c
ll /bin/kill
sudo kill -9 4426
sudo kill -9 4509
top -c
ll /etc/init.d/
sudo rm /etc/init.d/mrudpgugqo
ll /etc/init.d/
sudo rm /etc/init.d/tjsorcvxtt
ll /etc/init.d/
more /etc/init.d/selinux 
sudo rm /etc/init.d/selinux 
sudo rm /etc/init.d/DbSecuritySpt
top -c
sudo reboot
top
top -c
ll /etc/init.d/
ll /tmp/
ll /bin/
ll /usr/bin/bs*
ll /boot/
top
top -c
ll
cd /etc/sysconfig/sshd 
vi /etc/ssh/sshd_config 
sudo vi /etc/ssh/sshd_config 
sudo service sshd restart
exit
ll
top -c
ll /opt/nginx/
ll /opt/nginx/sbin/
sudo passwd root
exit
top -c
ll
whereis ls
rz
ll
sudo mv netstat /bin/
sudo mv ps /bin/
ll /bin/
cd /b
cd /bin/
sudo chown root:root ps
sudo chown root:root netstat 
sudo chmod a+x ps 
sudo chmod a+x netstat 
ll
ll /etc/alternatives/ks*
pwd
ll
cd
ll
top -c
whereis lsof
ll /usr/sbin/
cd
rz
ll
sudo chown root:root lsof 
sudo chmod a+x lsof 
sudo mv lsof /usr/sbin/
whereis lsof
lsof -i
sudo lsof -i
exit
top -c
ll
exit
top -c
exit

 

posted on 2016-07-11 11:10  Milton  阅读(1240)  评论(0编辑  收藏  举报

导航