Centos6 服务器病毒查杀命令历史
top whereis vhowazeclu ll /usr/bin/v* more /usr/bin/vhowazeclu ps aux|grep vhowa ps aux|grep vhowazeclu top sudo kill -9 12789 top whereis nwymhcrsts crontab -L crontab -l crontab -u root -l sudo crontab -u root -l top ll /usr/bin/nw* ll /usr/bin/ ll /usr/bin/v* ll /usr/bin/nw* sz /usr/bin/nwymhcrsts sudo who /var/log/wtmp ll /var/www/html sudo more /etc/passwd sudo more /var/log/messages sudo more /var/log/messages-20151206 sudo more /var/log/messages-20151213 sudo yum install clamd top whereis gfty top sudo more /root/.bash_history history ll chkconfig --list chkconfig --list|grep 3:on ll /etc/init.d/nw* more /etc/init.d/nwymhcrsts more /etc/init.d/iomhsvcscl ll /boot/ sz /boot/iomhsvcscl ll /usr/bin/nwymhcrsts ll ll /usr/bin/nwymhcrsts ll /boot/ ll /boot/ sudo /sbin/service stop iomhsvcscl sudo rm /etc/init.d/iomhsvcscl sudo rm /etc/init.d/nwymhcrsts sudo rm /usr/bin/nwymhcrsts ps aux|grep nwym top sudo kill -9 17439 top whereis gfty sudo find / -name "gftp" top ll chkconfig --list chkconfig --list|grep 3:on sudo /sbin/service fwcxsowfpo stop chkconfig --list|grep 3:on ll ll /boot/ history sudo who /var/log/wtmp cd /opt/nginx/ ll more conf/nginx.conf ll ps aux|grep nginx chkconfig --list|grep 3:on vi /etc/crontab chkconfig --list|grep 3:on top ll /boot/ ll /etc/init.d/ top qqqqqq sudo yum update udev sudo /sbin/service udev restart ll /etc/init.d/ sudo /sbin/service udev-post restart sudo /sbin/service udev-post reload top sudo kill -9 31966 top whereis iomhsvcscl sudo find -name "iomhsvcscl" top sudo kill -9 8199 sudo kill -9 6983 top ll ll /lib/udev/ ll /boot/ netstat -anp ll cd /b cd /boot/ ll sudo rm mrudpgugqo ll top sudo kill -9 7430 top history sudo yum install clamd sudo service clamd start freshclam sudo freshclam sudo service clamd start sudo clamscan top ll /boot/ ll top sudo kill -9 9644 top ll /usr/bin/bu* top exit ll ll /etc/cron.hourly/ more /etc/cron.hourly/cron.sh more /etc/cron.hourly/kill.sh ll /lib/libkill* ll /lib/libki* ll /lib/libki*.* sudo rm /etc/cron.hourly/cron.sh sudo rm /etc/cron.hourly/kill.sh exit ll echo $PATH whereis kill ll /bin/kill ll /lib/libkill* sudo rm /lib/libkill.so ll /lib/ ll /lib/udev/ sudo rm /lib/udev/udev ll /lib/udev/ ll /boot/ sudo reboot top ll /etc/init.d/ sudo rm /etc/init.d/bukvldtgol ll echo $PATH top sudo /bin/kill -9 950 top ll top more /etc/init.d/esyaqrszzf sudo rm /usr/bin/esyaqrszzf top ll /etc/cron.hourly/ ll /etc/cron.daily/ ll /etc/cron.weekly/ ll /etc/cron.monthly/ ll /etc/cron.d more /etc/crontab sudo vi /etc/crontab sudo rm /etc/cron.monthly/readahead-monthly.cron ll top sudo /bin/kill -9 1719 top ll ll /boot/ ll /lib/udev/ ll /lib/lib* sudo rm /lib/libkill.so ll /lib/lib* clear ll /lib/lib* sudo rm /lib/libkill.so ll /lib/lib* whereis rm ll /bin/ ll ps aux|grep kill top sudo kill -9 2238 & sudo rm /lib/libkill.so ll /lib/lib* sudo vi /lib/libkill.so ll /lib/lib* top sudo kill -9 3005 top sudo find / -name "gfty" ll /tmp/ sz /tmp/gfty sudo rm /tmp/gfty sudo chattr -a /tmp/gfty sudo rm /tmp/gfty cd /tmp/ ll sudo chattr -i /tmp/gfty sudo rm /tmp/gfty ll ll ssh-xeYWxg1130/ cd top sudo find / -name "gfty" top sudo /bin/kill -9 1058 top sudo find / -name "gfty" sudo /bin/kill -9 3456 cd /tmp/ ll sudo chattr -i gfty sudo rm gfty ll top sudo find / -name "getty" ll /usr/bin/bsd-port/ sudo rm -r /usr/bin/bsd-port/ ll /usr/bin/b* sudo kill -9 3462 ll /usr/bin/b* ll /tmp/ sudo chattr -i gfty sudo rm gfty ll top ll sudo find / -name "geetty" sudo find / -name "getty" sudo find / -name "gfty" ll ll /usr/bin/b* whereis gfty whereis getty top ps aux|grep gfty ps aux|grep getty ll /sbin/mingetty ll ll -a sudo kill -9 980 ps aux|grep getty ps aux|grep gfty sudo kill -9 992 ps aux|grep gfty sudo kill -9 992 sudo kill -9 3680 sudo kill -9 992 ps aux|grep gfty ll sudo chattr -i gfty sudo rm gfty ll sudo kill -9 3868 top sudo kill -9 3877 ll top cd ps aux|grep clam sudo clamscan -r / sudo clamscan -r /usr --remove sudo clamscan -r /lib -i ll /lib/lib* sudo clamscan -r /lib sudo clamscan /lib sudo freshclam sudo clamscan /boot/ sudo clamscan /usr/bin/ sudo clamscan /tmp/ sudo service clamd start sudo service clamd status cd /tmp/ sudo chattr -i gfty sudo rm gfty ll clamscan -V sudo service clamd status top sudo find / -name getty sudo clamscan -r /usr/bin/bsd-port/ sudo rm -r /usr/bin/bsd-port/ sudo kill -9 3948 ll /usr/bin/b* ll top ll sudo find / -name getty ps aux|grep getty ps |grep getty top -c ll /usr/bin/b* -a sudo kill 3686 top -c ll /usr/local/aegis/aegis_client/ ll /usr/local/aegis/aegis_update/ more /usr/local/aegis/aegis_update/install.sh sudo more /usr/local/aegis/aegis_update/install.sh top top -c sudo chattr -i gfty ll sudo kill -9 3942 top -c ll /sbin/i* top -c sudo kill -9 4230 top -c sudo kill -9 4236 rm -r /usr/bin/bsd-port/ sudo rm -r /usr/bin/bsd-port/ top -c sudo clamscan -r /usr/local/aegis/ ll /lib/lib* sudo rm /lib/libkill*.* ll /lib/lib* ll /etc/cron.hourly/ more /etc/cron.hourly/kill.sh sudo rm /etc/cron.hourly/kill.sh ll /proc/net/dev/ more /proc/net/dev sudo service crontab restart sudo service crond restart sudo service crond stop ll /lib/lib* ll sudo chattr -i gfty sudo rm gfty ll /usr/bin/bs* cd /usr/bin/ ls bs* ls ls bs*.* ls bs* sudo rm -r bsd-port/ top top -c sudo kill -9 4293 top -c sudo kill -9 4302 top -c cd /tmp/ ll sudo chmod 000 gates.lod ll sudo chattr -i gfty sudo rm gfty sudo chmod 000 moni.lod sudo service sendmail stop rm -rf /usr/bin/bsd-port/ sudo rm -rf /usr/bin/bsd-port/ sudo rm moni.lod sudo rm gates.lod ll /bin/ sudo rm /bin/ps sudo clamscan -r /bin/ sudo rm /bin/netstat whereis top ll /usr/bin/ sudo clamscan -r /usr/bin/ sudo clamscan -r /usr/bin/ --remove ll sudo chattr -i gfty sudo rm gfty top -c sudo rm -r /usr/bin/bsd-port/ sudo kill -9 4432 top -c sudo kill -9 4516 top -c ll /bin/kill sudo kill -9 4426 sudo kill -9 4509 top -c ll /etc/init.d/ sudo rm /etc/init.d/mrudpgugqo ll /etc/init.d/ sudo rm /etc/init.d/tjsorcvxtt ll /etc/init.d/ more /etc/init.d/selinux sudo rm /etc/init.d/selinux sudo rm /etc/init.d/DbSecuritySpt top -c sudo reboot top top -c ll /etc/init.d/ ll /tmp/ ll /bin/ ll /usr/bin/bs* ll /boot/ top top -c ll cd /etc/sysconfig/sshd vi /etc/ssh/sshd_config sudo vi /etc/ssh/sshd_config sudo service sshd restart exit ll top -c ll /opt/nginx/ ll /opt/nginx/sbin/ sudo passwd root exit top -c ll whereis ls rz ll sudo mv netstat /bin/ sudo mv ps /bin/ ll /bin/ cd /b cd /bin/ sudo chown root:root ps sudo chown root:root netstat sudo chmod a+x ps sudo chmod a+x netstat ll ll /etc/alternatives/ks* pwd ll cd ll top -c whereis lsof ll /usr/sbin/ cd rz ll sudo chown root:root lsof sudo chmod a+x lsof sudo mv lsof /usr/sbin/ whereis lsof lsof -i sudo lsof -i exit top -c ll exit top -c exit