Open early in the morning to go to work for a server computer, habitual, not smooth sense of the past, particularly slow, is it because of my computer does not shut down?
At this point I opened the other servers, the results will go up very fast, which is wrong, but immediately switch to a special card that server View:
I thought it was out of memory:
free -h
We found that memory is sufficient, and there is no problem
Then top view:
Sort cpu top #
The results saw the top two processes networkservice, which is a web service?
Find file location:
grep -R networkservice *
See the files in the / etc, switching to / lower etc, ll see, FML, a few extra files not seen
update.sh sysupdate sysguard networkservice there may be other, one can see on these
cat sh file a bit, really, identified poisoned
Kill the process at this time is useless, he will automatically restart
This is the first time to execute permissions networkservice came down, and then kill it
chmod -x networkservice
Being given no authority, it should be locked
chattr -i networkservice
Again chmod -x networkservice success
kill -9 networkservice process ID
Look again there is no timing tasks, with clear
crontab -l
Found no
Then write content according to update.sh little by little it changed back!
If troublesome, fear not clean delete and hit the safest reinstall the system, I was the host cloud, too heavy after the end of the backup data!
Bitter experience! !
