How did I removed watchbog virus ?

Added to hosts file

$nano /etc/hosts

127.0.0.1 pastebin.com
127.0.0.1 semrush.com

Killed the watchbog process

check using pid with top command

$kill 1800

The kill and remove the virus from is location

$kill 11896 && rm -Rf /tmp/systemd-private-afjdhdicjijo473skiosoohxiskl573q-systemd-timesyncc.service-g1g5qf/cred/fghhhh/data

Also add this rm command to crontab -e for every second

This guide has helped me

https://www.alibabacloud.com/blog/return-of-watchbog-exploiting-jenkins-cve-2018-1000861_594798