| Server IP : 123.56.80.60 / Your IP : 216.73.216.78 Web Server : Apache/2.4.54 (Win32) OpenSSL/1.1.1s PHP/7.4.33 mod_fcgid/2.3.10-dev System : Windows NT iZhx3sob14hnz7Z 10.0 build 14393 (Windows Server 2016) i586 User : SYSTEM ( 0) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/data/rtap/log/ |
Upload File : |
2026-02-28 10:09:55 [Info] [1080] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py.md5 2026-02-28 10:09:55 [Info] [1080] start do http get request for aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py.md5 2026-02-28 10:09:55 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py.md5, http code : 200, curl ret : 0 2026-02-28 10:09:55 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py, http code : 200, curl ret : 0 2026-02-28 10:09:55 [Info] [1080] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca.py 2026-02-28 10:09:55 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py 2026-02-28 10:09:55 [Info] [1080] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py 2026-02-28 10:09:55 [Info] [1080] start do http get request for update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py 2026-02-28 10:09:55 [Info] [1080] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py.md5 2026-02-28 10:09:55 [Info] [1080] start do http get request for aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py.md5 2026-02-28 10:09:55 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py.md5, http code : 200, curl ret : 0 2026-02-28 10:09:55 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py, http code : 200, curl ret : 0 2026-02-28 10:09:55 [Info] [1080] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_utils.py 2026-02-28 10:09:55 [Info] [1080] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py 2026-02-28 10:09:55 [Info] [1080] start do http get request for update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py 2026-02-28 10:09:56 [Info] [1080] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py.md5 2026-02-28 10:09:56 [Info] [1080] start do http get request for aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py.md5 2026-02-28 10:09:56 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py.md5, http code : 200, curl ret : 0 2026-02-28 10:09:56 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py, http code : 200, curl ret : 0 2026-02-28 10:09:56 [Info] [1080] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_common_proc.py 2026-02-28 10:09:56 [Info] [1080] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py 2026-02-28 10:09:56 [Info] [1080] start do http get request for update.aegis.aliyun.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py 2026-02-28 10:09:56 [Info] [1080] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py.md5 2026-02-28 10:09:56 [Info] [1080] start do http get request for aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py.md5 2026-02-28 10:09:56 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py.md5, http code : 200, curl ret : 0 2026-02-28 10:09:56 [Info] [1080] http request success : https://aegis.alicdn.com/rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py, http code : 200, curl ret : 0 2026-02-28 10:09:56 [Info] [1080] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_java_proc.py 2026-02-28 10:09:57 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py 2026-02-28 10:09:57 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py 2026-02-28 10:09:57 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py 2026-02-28 10:09:57 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py 2026-02-28 10:09:57 [Info] [1080] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py 2026-02-28 10:09:57 [Info] [1080] Download redirect files success. 2026-02-28 10:09:57 [Info] [1080] Prepare stage1: --sca 2026-02-28 10:09:57 [Info] [1080] Prepare stage2 2026-02-28 10:09:57 [Warn] [1080] high cpu, cpu is 20 2026-02-28 10:09:57 [Info] [1080] try get sys version 2026-02-28 10:09:57 [Info] [1080] win sys info:2/10:0:3 2026-02-28 10:09:57 [Info] [1080] suit legal version, enable cpu control 2026-02-28 10:09:57 [Warn] [1080] High CPU Warning: 20 2026-02-28 10:09:58 [Warn] [1080] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:<string> line: 1 in func: <module> File:sca_utils.py line: 36 in func: <module> File:sca.py line: 44 in func: <module> 2026-02-28 10:09:59 [Info] [1080] log memory size is 30720KB, real memory size is 32252KB 2026-02-28 10:10:03 [Info] [1080] log memory size is 40960KB, real memory size is 32896KB 2026-02-28 10:10:12 [Info] [1080] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-02-28 10:10:32 [Warn] [1080] high cpu, cpu is 23 2026-02-28 10:10:32 [Warn] [1080] High CPU Warning: 23 2026-02-28 10:10:32 [Warn] [1080] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: 2026-02-28 10:10:33 [Info] [1080] stage3: --sca 2026-02-28 10:10:33 [Info] [1080] Loader after check 2026-02-28 10:10:34 [Info] [1080] Enter reuse wait state. 2026-02-28 10:10:36 [Info] [1080] recvmsg: EXIT 2026-02-28 10:10:36 [Info] [1080] Recv Exit Msg, Exit... 2026-02-28 10:34:33 [Info] [5008] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 10:34:33 [Info] [5008] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap241341772246072 2026-02-28 10:34:33 [Info] [5008] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 10:34:33 [Info] [5008] Resource monitor start 2026-02-28 10:34:33 [Info] [5008] ipc client init success 2026-02-28 10:34:33 [Info] [5008] Ipc init: 0 2026-02-28 10:34:33 [Info] [5008] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 10:34:33 [Info] [5008] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 10:34:33 [Info] [5008] start ipc thread id[5012] 2026-02-28 10:34:33 [Info] [5008] Connect Yundun ipc server return state is 0 2026-02-28 10:34:33 [Info] [5008] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 10:34:33 [Info] [5008] CResourceMonitor::run Enter 2026-02-28 10:34:33 [Info] [5008] CIpcMsgHandlerMgr::run Enter 2026-02-28 10:34:33 [Info] [5008] Report thread 2026-02-28 10:34:33 [Info] [5008] Monitor thread 2026-02-28 10:34:33 [Info] [5008] Loader thread 2026-02-28 10:34:33 [Info] [5008] PythonEngineImpl Init... 2026-02-28 10:34:33 [Info] [5008] yundun connected 2026-02-28 10:34:33 [Info] [5008] recvmsg: HELLO 2026-02-28 10:34:33 [Info] [5008] recvmsg: WORK 2026-02-28 10:34:33 [Info] [5008] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:34:33 [Info] [5008] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:34:33 [Info] [5008] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:34:33 [Info] [5008] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:34:34 [Info] [5008] log fd cnt is [250], real fd cnt is [282] 2026-02-28 10:34:34 [Info] [5008] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 10:34:34 [Info] [5008] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 10:34:35 [Info] [5008] log memory size is 20480KB, real memory size is 14600KB 2026-02-28 10:34:35 [Info] [5008] item: --windows-registry-check 2026-02-28 10:34:35 [Info] [5008] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-02-28 10:34:35 [Info] [5008] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-02-28 10:34:35 [Info] [5008] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:34:35 [Info] [5008] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:34:35 [Info] [5008] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0 2026-02-28 10:34:35 [Info] [5008] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5 2026-02-28 10:34:35 [Info] [5008] Prepare stage1: --windows-registry-check 2026-02-28 10:34:35 [Info] [5008] Prepare stage2 2026-02-28 10:34:50 [Info] [5008] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-02-28 10:35:04 [Info] [5008] stage3: --windows-registry-check 2026-02-28 10:35:04 [Info] [5008] Loader after check 2026-02-28 10:35:05 [Info] [5008] Enter reuse wait state. 2026-02-28 10:35:08 [Info] [5008] recvmsg: EXIT 2026-02-28 10:35:08 [Info] [5008] Recv Exit Msg, Exit... 2026-02-28 10:36:00 [Info] [4528] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 10:36:00 [Info] [4528] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap244211772246160 2026-02-28 10:36:00 [Info] [4528] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 10:36:01 [Info] [4528] Resource monitor start 2026-02-28 10:36:01 [Info] [4528] ipc client init success 2026-02-28 10:36:01 [Info] [4528] Ipc init: 0 2026-02-28 10:36:01 [Info] [4528] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 10:36:01 [Info] [4528] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 10:36:01 [Info] [4528] start ipc thread id[252] 2026-02-28 10:36:01 [Info] [4528] Connect Yundun ipc server return state is 0 2026-02-28 10:36:01 [Info] [4528] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 10:36:01 [Info] [4528] CResourceMonitor::run Enter 2026-02-28 10:36:01 [Info] [4528] CIpcMsgHandlerMgr::run Enter 2026-02-28 10:36:01 [Info] [4528] Report thread 2026-02-28 10:36:01 [Info] [4528] Monitor thread 2026-02-28 10:36:01 [Info] [4528] Loader thread 2026-02-28 10:36:01 [Info] [4528] PythonEngineImpl Init... 2026-02-28 10:36:01 [Info] [4528] yundun connected 2026-02-28 10:36:01 [Info] [4528] recvmsg: HELLO 2026-02-28 10:36:01 [Info] [4528] recvmsg: WORK 2026-02-28 10:36:01 [Info] [4528] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:36:01 [Info] [4528] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:36:01 [Info] [4528] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:36:01 [Info] [4528] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:36:02 [Info] [4528] log fd cnt is [250], real fd cnt is [282] 2026-02-28 10:36:02 [Info] [4528] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 10:36:02 [Info] [4528] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 10:36:03 [Info] [4528] log memory size is 20480KB, real memory size is 14572KB 2026-02-28 10:36:03 [Info] [4528] item: --windows-driver-version-check 2026-02-28 10:36:03 [Info] [4528] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-02-28 10:36:03 [Info] [4528] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-02-28 10:36:03 [Info] [4528] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:36:03 [Info] [4528] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:36:03 [Info] [4528] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0 2026-02-28 10:36:03 [Info] [4528] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5 2026-02-28 10:36:03 [Info] [4528] Prepare stage1: --windows-driver-version-check 2026-02-28 10:36:03 [Info] [4528] Prepare stage2 2026-02-28 10:36:03 [Info] [4528] stage3: --windows-driver-version-check 2026-02-28 10:36:03 [Info] [4528] Loader after check 2026-02-28 10:36:04 [Info] [4528] Enter reuse wait state. 2026-02-28 10:36:08 [Info] [4528] recvmsg: EXIT 2026-02-28 10:36:08 [Info] [4528] Recv Exit Msg, Exit... 2026-02-28 10:50:23 [Info] [2444] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 10:50:23 [Info] [2444] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap272361772247022 2026-02-28 10:50:23 [Info] [2444] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 10:50:23 [Info] [2444] Resource monitor start 2026-02-28 10:50:23 [Info] [2444] ipc client init success 2026-02-28 10:50:23 [Info] [2444] Ipc init: 0 2026-02-28 10:50:23 [Info] [2444] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 10:50:23 [Info] [2444] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 10:50:23 [Info] [2444] start ipc thread id[2308] 2026-02-28 10:50:23 [Info] [2444] Connect Yundun ipc server return state is 0 2026-02-28 10:50:23 [Info] [2444] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 10:50:23 [Info] [2444] CResourceMonitor::run Enter 2026-02-28 10:50:23 [Info] [2444] CIpcMsgHandlerMgr::run Enter 2026-02-28 10:50:23 [Info] [2444] Report thread 2026-02-28 10:50:23 [Info] [2444] Monitor thread 2026-02-28 10:50:23 [Info] [2444] Loader thread 2026-02-28 10:50:23 [Info] [2444] PythonEngineImpl Init... 2026-02-28 10:50:23 [Info] [2444] yundun connected 2026-02-28 10:50:23 [Info] [2444] recvmsg: HELLO 2026-02-28 10:50:23 [Info] [2444] recvmsg: WORK 2026-02-28 10:50:23 [Info] [2444] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:50:23 [Info] [2444] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 10:50:23 [Info] [2444] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:50:23 [Info] [2444] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:50:24 [Info] [2444] log fd cnt is [250], real fd cnt is [282] 2026-02-28 10:50:24 [Info] [2444] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 10:50:24 [Info] [2444] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 10:50:25 [Info] [2444] log memory size is 20480KB, real memory size is 14600KB 2026-02-28 10:50:25 [Info] [2444] item: --windows-schedule-task-check 2026-02-28 10:50:25 [Info] [2444] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-02-28 10:50:25 [Info] [2444] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-02-28 10:50:25 [Info] [2444] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 10:50:25 [Info] [2444] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 10:50:25 [Info] [2444] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-02-28 10:50:25 [Info] [2444] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0 2026-02-28 10:50:25 [Info] [2444] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5 2026-02-28 10:50:25 [Info] [2444] Prepare stage1: --windows-schedule-task-check 2026-02-28 10:50:25 [Info] [2444] Prepare stage2 2026-02-28 10:50:26 [Warn] [2444] high cpu, cpu is 18 2026-02-28 10:50:26 [Info] [2444] try get sys version 2026-02-28 10:50:26 [Info] [2444] win sys info:2/10:0:3 2026-02-28 10:50:26 [Info] [2444] suit legal version, enable cpu control 2026-02-28 10:50:26 [Warn] [2444] High CPU Warning: 18 2026-02-28 10:50:26 [Warn] [2444] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:windows-schedule-task-check.py line: 382 in func: GetScheduleTaskByCom File:windows-schedule-task-check.py line: 244 in func: GetTasksBySchtasks File:windows-schedule-task-check.py line: 425 in func: check File:windows-schedule-task-check.py line: 61 in func: main File:windows-schedule-task-check.py line: 433 in func: start 2026-02-28 10:50:29 [Info] [2444] log memory size is 30720KB, real memory size is 23324KB 2026-02-28 10:50:56 [Info] [2444] stage3: --windows-schedule-task-check 2026-02-28 10:50:56 [Info] [2444] Loader after check 2026-02-28 10:50:57 [Info] [2444] Enter reuse wait state. 2026-02-28 10:50:58 [Info] [2444] recvmsg: EXIT 2026-02-28 10:50:58 [Info] [2444] Recv Exit Msg, Exit... 2026-02-28 11:17:19 [Info] [3220] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 11:17:19 [Info] [3220] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap325171772248639 2026-02-28 11:17:19 [Info] [3220] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 11:17:19 [Info] [3220] Resource monitor start 2026-02-28 11:17:19 [Info] [3220] ipc client init success 2026-02-28 11:17:19 [Info] [3220] Ipc init: 0 2026-02-28 11:17:19 [Info] [3220] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 11:17:19 [Info] [3220] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 11:17:19 [Info] [3220] start ipc thread id[1264] 2026-02-28 11:17:19 [Info] [3220] Connect Yundun ipc server return state is 0 2026-02-28 11:17:19 [Info] [3220] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 11:17:19 [Info] [3220] CResourceMonitor::run Enter 2026-02-28 11:17:19 [Info] [3220] CIpcMsgHandlerMgr::run Enter 2026-02-28 11:17:19 [Info] [3220] Report thread 2026-02-28 11:17:19 [Info] [3220] Monitor thread 2026-02-28 11:17:19 [Info] [3220] Loader thread 2026-02-28 11:17:19 [Info] [3220] PythonEngineImpl Init... 2026-02-28 11:17:19 [Info] [3220] yundun connected 2026-02-28 11:17:20 [Info] [3220] recvmsg: HELLO 2026-02-28 11:17:20 [Info] [3220] recvmsg: WORK 2026-02-28 11:17:20 [Info] [3220] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 11:17:20 [Info] [3220] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 11:17:20 [Info] [3220] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 11:17:20 [Info] [3220] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 11:17:20 [Info] [3220] log fd cnt is [250], real fd cnt is [282] 2026-02-28 11:17:20 [Info] [3220] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 11:17:20 [Info] [3220] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 11:17:21 [Info] [3220] log memory size is 20480KB, real memory size is 14588KB 2026-02-28 11:17:22 [Info] [3220] item: --windows-autorun-item-check 2026-02-28 11:17:22 [Info] [3220] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-02-28 11:17:22 [Info] [3220] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-02-28 11:17:22 [Info] [3220] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 11:17:22 [Info] [3220] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 11:17:22 [Info] [3220] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0 2026-02-28 11:17:22 [Info] [3220] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5 2026-02-28 11:17:22 [Info] [3220] Prepare stage1: --windows-autorun-item-check 2026-02-28 11:17:22 [Info] [3220] Prepare stage2 2026-02-28 11:17:25 [Info] [3220] log memory size is 30720KB, real memory size is 22280KB 2026-02-28 11:17:26 [Info] [3220] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-02-28 11:17:32 [Info] [3220] stage3: --windows-autorun-item-check 2026-02-28 11:17:32 [Info] [3220] Loader after check 2026-02-28 11:17:33 [Info] [3220] Enter reuse wait state. 2026-02-28 11:17:35 [Info] [3220] recvmsg: EXIT 2026-02-28 11:17:35 [Info] [3220] Recv Exit Msg, Exit... 2026-02-28 11:57:42 [Info] [4776] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 11:57:42 [Info] [4776] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap76611772251062 2026-02-28 11:57:42 [Info] [4776] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 11:57:42 [Info] [4776] Resource monitor start 2026-02-28 11:57:42 [Info] [4776] ipc client init success 2026-02-28 11:57:42 [Info] [4776] Ipc init: 0 2026-02-28 11:57:42 [Info] [4776] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 11:57:42 [Info] [4776] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 11:57:42 [Info] [4776] start ipc thread id[4272] 2026-02-28 11:57:42 [Info] [4776] Connect Yundun ipc server return state is 0 2026-02-28 11:57:42 [Info] [4776] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 11:57:42 [Info] [4776] CResourceMonitor::run Enter 2026-02-28 11:57:42 [Info] [4776] CIpcMsgHandlerMgr::run Enter 2026-02-28 11:57:42 [Info] [4776] Report thread 2026-02-28 11:57:42 [Info] [4776] Monitor thread 2026-02-28 11:57:42 [Info] [4776] Loader thread 2026-02-28 11:57:42 [Info] [4776] PythonEngineImpl Init... 2026-02-28 11:57:42 [Info] [4776] yundun connected 2026-02-28 11:57:42 [Info] [4776] recvmsg: HELLO 2026-02-28 11:57:42 [Info] [4776] recvmsg: WORK 2026-02-28 11:57:42 [Info] [4776] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 11:57:42 [Info] [4776] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 11:57:42 [Info] [4776] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 11:57:43 [Info] [4776] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 11:57:43 [Info] [4776] log fd cnt is [250], real fd cnt is [282] 2026-02-28 11:57:43 [Info] [4776] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 11:57:43 [Info] [4776] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 11:57:44 [Info] [4776] log memory size is 20480KB, real memory size is 14508KB 2026-02-28 11:57:44 [Info] [4776] item: --tcp-connect-check 2026-02-28 11:57:44 [Info] [4776] cgroup name aegisRtap0 2026-02-28 11:57:44 [Info] [4776] try get sys version 2026-02-28 11:57:44 [Info] [4776] win sys info:2/10:0:3 2026-02-28 11:57:44 [Info] [4776] suit legal version, enable cpu control 2026-02-28 11:57:44 [Info] [4776] get AssignProcessToJobObject handle [00000478] 2026-02-28 11:57:44 [Info] [4776] Set setJobExtended. 2026-02-28 11:57:44 [Info] [4776] Set cpu [9%] 2026-02-28 11:57:44 [Info] [4776] Set cpu success 2026-02-28 11:57:44 [Info] [4776] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-02-28 11:57:44 [Info] [4776] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-02-28 11:57:44 [Info] [4776] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 11:57:44 [Info] [4776] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 11:57:44 [Info] [4776] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0 2026-02-28 11:57:44 [Info] [4776] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5 2026-02-28 11:57:45 [Info] [4776] Prepare stage1: --tcp-connect-check 2026-02-28 11:57:45 [Info] [4776] Prepare stage2 2026-02-28 11:57:47 [Info] [4776] stage3: --tcp-connect-check 2026-02-28 11:57:47 [Info] [4776] Loader after check 2026-02-28 11:57:48 [Info] [4776] Enter reuse wait state. 2026-02-28 11:57:54 [Info] [4776] recvmsg: EXIT 2026-02-28 11:57:54 [Info] [4776] Recv Exit Msg, Exit... 2026-02-28 14:01:45 [Info] [5084] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 14:01:45 [Info] [5084] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap319411772258497 2026-02-28 14:01:45 [Info] [5084] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 14:01:47 [Info] [5084] Resource monitor start 2026-02-28 14:01:47 [Info] [5084] ipc client init success 2026-02-28 14:01:47 [Info] [5084] Ipc init: 0 2026-02-28 14:01:47 [Info] [5084] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 14:01:47 [Info] [5084] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 14:01:47 [Info] [5084] start ipc thread id[3984] 2026-02-28 14:01:47 [Info] [5084] Connect Yundun ipc server return state is 0 2026-02-28 14:01:47 [Info] [5084] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 14:01:47 [Info] [5084] CResourceMonitor::run Enter 2026-02-28 14:01:47 [Info] [5084] CIpcMsgHandlerMgr::run Enter 2026-02-28 14:01:47 [Info] [5084] yundun connected 2026-02-28 14:01:47 [Info] [5084] Report thread 2026-02-28 14:01:47 [Info] [5084] Monitor thread 2026-02-28 14:01:47 [Info] [5084] Loader thread 2026-02-28 14:01:47 [Info] [5084] PythonEngineImpl Init... 2026-02-28 14:01:47 [Info] [5084] recvmsg: HELLO 2026-02-28 14:01:47 [Info] [5084] recvmsg: WORK 2026-02-28 14:01:47 [Info] [5084] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 14:01:47 [Info] [5084] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 14:01:47 [Info] [5084] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 14:01:48 [Info] [5084] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 14:01:48 [Info] [5084] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 14:01:48 [Info] [5084] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 14:01:48 [Info] [5084] log fd cnt is [250], real fd cnt is [281] 2026-02-28 14:01:49 [Info] [5084] item: --windows-sysinfoext-check 2026-02-28 14:01:49 [Info] [5084] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 14:01:49 [Info] [5084] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 14:01:49 [Info] [5084] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 14:01:49 [Info] [5084] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 14:01:49 [Info] [5084] log memory size is 20480KB, real memory size is 14596KB 2026-02-28 14:01:49 [Info] [5084] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-02-28 14:01:49 [Info] [5084] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 14:01:49 [Info] [5084] Prepare stage1: --windows-sysinfoext-check 2026-02-28 14:01:49 [Info] [5084] Prepare stage2 2026-02-28 14:01:53 [Info] [5084] log memory size is 30720KB, real memory size is 22704KB 2026-02-28 14:01:53 [Info] [5084] stage3: --windows-sysinfoext-check 2026-02-28 14:01:53 [Info] [5084] Loader after check 2026-02-28 14:01:54 [Warn] [5084] high cpu, cpu is 13 2026-02-28 14:01:54 [Info] [5084] try get sys version 2026-02-28 14:01:54 [Info] [5084] win sys info:2/10:0:3 2026-02-28 14:01:54 [Info] [5084] suit legal version, enable cpu control 2026-02-28 14:01:54 [Warn] [5084] High CPU Warning: 13 2026-02-28 14:01:54 [Warn] [5084] resource monitor exp type: High CPU Warning, script runing: 0 2026-02-28 14:01:54 [Info] [5084] Enter reuse wait state. 2026-02-28 14:01:58 [Info] [5084] recvmsg: EXIT 2026-02-28 14:01:58 [Info] [5084] Recv Exit Msg, Exit... 2026-02-28 15:01:04 [Info] [2024] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 15:01:04 [Info] [2024] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap108211772262064 2026-02-28 15:01:04 [Info] [2024] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 15:01:04 [Info] [2024] Resource monitor start 2026-02-28 15:01:04 [Info] [2024] ipc client init success 2026-02-28 15:01:04 [Info] [2024] Ipc init: 0 2026-02-28 15:01:04 [Info] [2024] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 15:01:04 [Info] [2024] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 15:01:04 [Info] [2024] start ipc thread id[1684] 2026-02-28 15:01:04 [Info] [2024] Connect Yundun ipc server return state is 0 2026-02-28 15:01:04 [Info] [2024] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 15:01:04 [Info] [2024] CResourceMonitor::run Enter 2026-02-28 15:01:04 [Info] [2024] CIpcMsgHandlerMgr::run Enter 2026-02-28 15:01:04 [Info] [2024] Report thread 2026-02-28 15:01:04 [Info] [2024] Monitor thread 2026-02-28 15:01:04 [Info] [2024] Loader thread 2026-02-28 15:01:04 [Info] [2024] PythonEngineImpl Init... 2026-02-28 15:01:04 [Info] [2024] yundun connected 2026-02-28 15:01:05 [Info] [2024] recvmsg: HELLO 2026-02-28 15:01:05 [Info] [2024] recvmsg: WORK 2026-02-28 15:01:05 [Info] [2024] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 15:01:05 [Info] [2024] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 15:01:05 [Info] [2024] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 15:01:05 [Info] [2024] log fd cnt is [250], real fd cnt is [282] 2026-02-28 15:01:05 [Info] [2024] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 15:01:05 [Info] [2024] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 15:01:05 [Info] [2024] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 15:01:06 [Info] [2024] log memory size is 20480KB, real memory size is 14500KB 2026-02-28 15:01:06 [Info] [2024] item: --amsi_clean 2026-02-28 15:01:06 [Info] [2024] cgroup name aegisRtap0 2026-02-28 15:01:06 [Info] [2024] try get sys version 2026-02-28 15:01:06 [Info] [2024] win sys info:2/10:0:3 2026-02-28 15:01:06 [Info] [2024] suit legal version, enable cpu control 2026-02-28 15:01:06 [Info] [2024] get AssignProcessToJobObject handle [00000478] 2026-02-28 15:01:06 [Info] [2024] Set setJobExtended. 2026-02-28 15:01:06 [Info] [2024] Set cpu [9%] 2026-02-28 15:01:06 [Info] [2024] Set cpu success 2026-02-28 15:01:06 [Info] [2024] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/amsi_clean.py.md5 2026-02-28 15:01:06 [Info] [2024] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/amsi_clean.py.md5 2026-02-28 15:01:06 [Info] [2024] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 15:01:07 [Info] [2024] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 15:01:07 [Info] [2024] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/plugin/amsi_clean.py.md5, http code : 200, curl ret : 0 2026-02-28 15:01:07 [Info] [2024] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/plugin/amsi_clean.py.md5 2026-02-28 15:01:07 [Info] [2024] Prepare stage1: --amsi_clean 2026-02-28 15:01:07 [Info] [2024] Prepare stage2 2026-02-28 15:01:08 [Info] [2024] stage3: --amsi_clean 2026-02-28 15:01:08 [Info] [2024] Loader after check 2026-02-28 15:01:09 [Info] [2024] Enter reuse wait state. 2026-02-28 15:01:12 [Info] [2024] recvmsg: EXIT 2026-02-28 15:01:12 [Info] [2024] Recv Exit Msg, Exit... 2026-02-28 19:31:10 [Info] [1376] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 19:31:10 [Info] [1376] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap309231772278254 2026-02-28 19:31:10 [Info] [1376] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 19:31:10 [Info] [1376] Resource monitor start 2026-02-28 19:31:10 [Info] [1376] ipc client init success 2026-02-28 19:31:10 [Info] [1376] Ipc init: 0 2026-02-28 19:31:10 [Info] [1376] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 19:31:11 [Info] [1376] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 19:31:11 [Info] [1376] CResourceMonitor::run Enter 2026-02-28 19:31:11 [Info] [1376] CIpcMsgHandlerMgr::run Enter 2026-02-28 19:31:11 [Info] [1376] start ipc thread id[2788] 2026-02-28 19:31:11 [Info] [1376] Connect Yundun ipc server return state is 0 2026-02-28 19:31:11 [Info] [1376] yundun connected 2026-02-28 19:31:11 [Info] [1376] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 19:31:11 [Info] [1376] Report thread 2026-02-28 19:31:11 [Info] [1376] Monitor thread 2026-02-28 19:31:11 [Info] [1376] Loader thread 2026-02-28 19:31:11 [Info] [1376] PythonEngineImpl Init... 2026-02-28 19:31:11 [Info] [1376] recvmsg: HELLO 2026-02-28 19:31:11 [Info] [1376] recvmsg: WORK 2026-02-28 19:31:11 [Info] [1376] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:31:11 [Info] [1376] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:31:11 [Info] [1376] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:31:12 [Info] [1376] log fd cnt is [250], real fd cnt is [282] 2026-02-28 19:31:12 [Info] [1376] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:31:12 [Info] [1376] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 19:31:12 [Info] [1376] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 19:31:13 [Info] [1376] log memory size is 20480KB, real memory size is 14596KB 2026-02-28 19:31:13 [Info] [1376] item: --windows-sysinfoext-check 2026-02-28 19:31:13 [Info] [1376] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 19:31:13 [Info] [1376] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 19:31:13 [Info] [1376] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:31:13 [Info] [1376] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:31:13 [Info] [1376] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-02-28 19:31:13 [Info] [1376] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-02-28 19:31:13 [Info] [1376] Prepare stage1: --windows-sysinfoext-check 2026-02-28 19:31:13 [Info] [1376] Prepare stage2 2026-02-28 19:31:16 [Info] [2380] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 19:31:16 [Info] [2380] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap309911772278275 2026-02-28 19:31:16 [Info] [2380] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 19:31:18 [Info] [1376] log memory size is 30720KB, real memory size is 22748KB 2026-02-28 19:31:16 [Info] [2380] Resource monitor start 2026-02-28 19:31:16 [Info] [2380] ipc client init success 2026-02-28 19:31:16 [Info] [2380] Ipc init: 0 2026-02-28 19:31:16 [Info] [2380] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 19:31:16 [Info] [2380] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 19:31:16 [Info] [2380] start ipc thread id[3728] 2026-02-28 19:31:16 [Info] [2380] Connect Yundun ipc server return state is 0 2026-02-28 19:31:16 [Info] [2380] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 19:31:17 [Info] [2380] CResourceMonitor::run Enter 2026-02-28 19:31:17 [Info] [2380] CIpcMsgHandlerMgr::run Enter 2026-02-28 19:31:17 [Info] [2380] yundun connected 2026-02-28 19:31:17 [Info] [2380] Report thread 2026-02-28 19:31:17 [Info] [2380] Monitor thread 2026-02-28 19:31:17 [Info] [2380] Loader thread 2026-02-28 19:31:17 [Info] [2380] PythonEngineImpl Init... 2026-02-28 19:31:17 [Info] [2380] recvmsg: HELLO 2026-02-28 19:31:17 [Info] [2380] recvmsg: WORK 2026-02-28 19:31:18 [Info] [2380] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:31:18 [Info] [2380] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:31:18 [Info] [2380] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:31:18 [Info] [2380] log fd cnt is [250], real fd cnt is [264] 2026-02-28 19:31:19 [Info] [2380] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:31:19 [Info] [2380] log memory size is 20480KB, real memory size is 14276KB 2026-02-28 19:31:19 [Info] [2380] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 19:31:19 [Info] [2380] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 19:31:20 [Info] [1376] stage3: --windows-sysinfoext-check 2026-02-28 19:31:20 [Info] [1376] Loader after check 2026-02-28 19:31:20 [Info] [2380] item: --windows-vul-check 2026-02-28 19:31:20 [Info] [2380] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-02-28 19:31:21 [Info] [2380] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-02-28 19:31:21 [Info] [2380] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/windows-vul-check.py 2026-02-28 19:31:21 [Info] [2380] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py 2026-02-28 19:31:21 [Info] [2380] Download redirect files success. 2026-02-28 19:31:21 [Info] [2380] Prepare stage1: --windows-vul-check 2026-02-28 19:31:21 [Info] [2380] Prepare stage2 2026-02-28 19:31:21 [Warn] [1376] high cpu, cpu is 13 2026-02-28 19:31:21 [Info] [1376] try get sys version 2026-02-28 19:31:21 [Info] [1376] win sys info:2/10:0:3 2026-02-28 19:31:21 [Info] [1376] suit legal version, enable cpu control 2026-02-28 19:31:21 [Warn] [1376] High CPU Warning: 13 2026-02-28 19:31:21 [Warn] [1376] resource monitor exp type: High CPU Warning, script runing: 0 2026-02-28 19:31:21 [Info] [1376] Enter reuse wait state. 2026-02-28 19:31:22 [Info] [2380] start DownLoadBuffer update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat 2026-02-28 19:31:22 [Info] [2380] start do http get request for update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat 2026-02-28 19:31:22 [Info] [2380] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:31:22 [Info] [2380] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:31:22 [Info] [2380] start DownLoadBuffer aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5 2026-02-28 19:31:22 [Info] [2380] start do http get request for aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5 2026-02-28 19:31:22 [Info] [2380] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5, http code : 200, curl ret : 0 2026-02-28 19:31:22 [Info] [2380] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat, http code : 200, curl ret : 0 2026-02-28 19:31:22 [Info] [2380] http download from redirect url success with https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat 2026-02-28 19:31:22 [Info] [2380] DownLoadFile ok C:\Program Files (x86)\Alibaba\Aegis\aegis_client\aegis_12_80\rule\vuldata_v2.dat 2026-02-28 19:31:22 [Warn] [2380] high cpu, cpu is 15 2026-02-28 19:31:22 [Info] [2380] try get sys version 2026-02-28 19:31:22 [Info] [2380] win sys info:2/10:0:3 2026-02-28 19:31:22 [Info] [2380] suit legal version, enable cpu control 2026-02-28 19:31:22 [Warn] [2380] High CPU Warning: 15 2026-02-28 19:31:22 [Warn] [2380] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:windows-vul-check.py line: 575 in func: load_rules File:windows-vul-check.py line: 986 in func: start 2026-02-28 19:31:23 [Info] [2380] stage3: --windows-vul-check 2026-02-28 19:31:23 [Info] [2380] Loader after check 2026-02-28 19:31:23 [Info] [2380] log memory size is 30720KB, real memory size is 23184KB 2026-02-28 19:31:23 [Info] [1376] recvmsg: EXIT 2026-02-28 19:31:23 [Info] [1376] Recv Exit Msg, Exit... 2026-02-28 19:31:24 [Info] [2380] Enter reuse wait state. 2026-02-28 19:31:30 [Info] [2380] recvmsg: EXIT 2026-02-28 19:31:30 [Info] [2380] Recv Exit Msg, Exit... 2026-02-28 19:39:42 [Info] [5116] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-02-28 19:39:42 [Info] [5116] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap326471772278782 2026-02-28 19:39:42 [Info] [5116] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-02-28 19:39:42 [Info] [5116] Resource monitor start 2026-02-28 19:39:42 [Info] [5116] ipc client init success 2026-02-28 19:39:42 [Info] [5116] Ipc init: 0 2026-02-28 19:39:42 [Info] [5116] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-02-28 19:39:42 [Info] [5116] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-02-28 19:39:42 [Info] [5116] start ipc thread id[2328] 2026-02-28 19:39:42 [Info] [5116] Connect Yundun ipc server return state is 0 2026-02-28 19:39:42 [Info] [5116] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-02-28 19:39:42 [Info] [5116] CResourceMonitor::run Enter 2026-02-28 19:39:42 [Info] [5116] CIpcMsgHandlerMgr::run Enter 2026-02-28 19:39:42 [Info] [5116] Report thread 2026-02-28 19:39:42 [Info] [5116] Monitor thread 2026-02-28 19:39:42 [Info] [5116] Loader thread 2026-02-28 19:39:42 [Info] [5116] PythonEngineImpl Init... 2026-02-28 19:39:42 [Info] [5116] yundun connected 2026-02-28 19:39:42 [Info] [5116] recvmsg: HELLO 2026-02-28 19:39:42 [Info] [5116] recvmsg: WORK 2026-02-28 19:39:42 [Info] [5116] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:39:42 [Info] [5116] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-02-28 19:39:42 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:39:43 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:39:43 [Info] [5116] log fd cnt is [250], real fd cnt is [282] 2026-02-28 19:39:43 [Info] [5116] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-02-28 19:39:43 [Info] [5116] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-02-28 19:39:44 [Info] [5116] log memory size is 20480KB, real memory size is 14576KB 2026-02-28 19:39:44 [Info] [5116] item: --secnet_rasp_agent 2026-02-28 19:39:44 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-02-28 19:39:44 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py 2026-02-28 19:39:44 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py 2026-02-28 19:39:44 [Info] [5116] Download redirect files success. 2026-02-28 19:39:44 [Info] [5116] Prepare stage1: --secnet_rasp_agent 2026-02-28 19:39:44 [Info] [5116] Prepare stage2 2026-02-28 19:39:45 [Info] [5116] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-02-28 19:39:45 [Info] [5116] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-02-28 19:39:45 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/file 2026-02-28 19:39:45 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-02-28 19:39:46 [Info] [5116] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0 2026-02-28 19:39:46 [Info] [5116] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-02-28 19:39:46 [Info] [5116] stage3: --secnet_rasp_agent 2026-02-28 19:39:46 [Info] [5116] Loader after check 2026-02-28 19:39:47 [Info] [5116] Enter reuse wait state. 2026-02-28 19:39:48 [Info] [5116] log memory size is 30720KB, real memory size is 21112KB 2026-02-28 19:39:49 [Info] [5116] recvmsg: EXIT 2026-02-28 19:39:49 [Info] [5116] Recv Exit Msg, Exit... 2026-03-07 04:42:43 [Info] [852] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 04:42:43 [Info] [852] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap296761772829762 2026-03-07 04:42:43 [Info] [852] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 04:42:43 [Info] [852] Resource monitor start 2026-03-07 04:42:43 [Info] [852] ipc client init success 2026-03-07 04:42:43 [Info] [852] Ipc init: 0 2026-03-07 04:42:43 [Info] [852] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 04:42:43 [Info] [852] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 04:42:43 [Info] [852] CResourceMonitor::run Enter 2026-03-07 04:42:43 [Info] [852] CIpcMsgHandlerMgr::run Enter 2026-03-07 04:42:43 [Info] [852] start ipc thread id[1840] 2026-03-07 04:42:43 [Info] [852] Connect Yundun ipc server return state is 0 2026-03-07 04:42:43 [Info] [852] yundun connected 2026-03-07 04:42:43 [Info] [852] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 04:42:43 [Info] [852] Report thread 2026-03-07 04:42:43 [Info] [852] Monitor thread 2026-03-07 04:42:43 [Info] [852] Loader thread 2026-03-07 04:42:43 [Info] [852] PythonEngineImpl Init... 2026-03-07 04:42:43 [Info] [852] recvmsg: HELLO 2026-03-07 04:42:44 [Info] [852] recvmsg: WORK 2026-03-07 04:42:44 [Info] [852] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 04:42:44 [Info] [852] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 04:42:44 [Info] [852] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 04:42:44 [Info] [852] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 04:42:44 [Warn] [852] high cpu, cpu is 12 2026-03-07 04:42:44 [Info] [852] try get sys version 2026-03-07 04:42:44 [Info] [852] win sys info:2/10:0:3 2026-03-07 04:42:44 [Info] [852] suit legal version, enable cpu control 2026-03-07 04:42:44 [Warn] [852] High CPU Warning: 12 2026-03-07 04:42:44 [Warn] [852] resource monitor exp type: High CPU Warning, script runing: 0 2026-03-07 04:42:44 [Info] [852] log fd cnt is [250], real fd cnt is [282] 2026-03-07 04:42:44 [Info] [852] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 04:42:44 [Info] [852] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 04:42:45 [Info] [852] log memory size is 20480KB, real memory size is 14576KB 2026-03-07 04:42:45 [Info] [852] item: --sca 2026-03-07 04:42:45 [Info] [852] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-03-07 04:42:46 [Info] [852] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py 2026-03-07 04:42:46 [Info] [852] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py 2026-03-07 04:42:46 [Info] [852] Download redirect files success. 2026-03-07 04:42:46 [Info] [852] Prepare stage1: --sca 2026-03-07 04:42:46 [Info] [852] Prepare stage2 2026-03-07 04:42:48 [Warn] [852] high cpu, cpu is 21 2026-03-07 04:42:48 [Warn] [852] High CPU Warning: 21 2026-03-07 04:42:49 [Info] [852] log memory size is 30720KB, real memory size is 32180KB 2026-03-07 04:42:53 [Info] [852] log memory size is 40960KB, real memory size is 32836KB 2026-03-07 04:43:09 [Info] [852] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-07 04:43:23 [Info] [852] stage3: --sca 2026-03-07 04:43:23 [Info] [852] Loader after check 2026-03-07 04:43:24 [Info] [852] Enter reuse wait state. 2026-03-07 04:43:27 [Info] [852] recvmsg: EXIT 2026-03-07 04:43:27 [Info] [852] Recv Exit Msg, Exit... 2026-03-07 05:04:24 [Info] [2340] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 05:04:24 [Info] [2340] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap11371772831057 2026-03-07 05:04:24 [Info] [2340] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 05:04:24 [Info] [2340] Resource monitor start 2026-03-07 05:04:24 [Info] [2340] ipc client init success 2026-03-07 05:04:24 [Info] [2340] Ipc init: 0 2026-03-07 05:04:24 [Info] [2340] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 05:04:24 [Info] [2340] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 05:04:24 [Info] [2340] start ipc thread id[4732] 2026-03-07 05:04:24 [Info] [2340] Connect Yundun ipc server return state is 0 2026-03-07 05:04:29 [Info] [2340] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 05:04:30 [Info] [2340] CResourceMonitor::run Enter 2026-03-07 05:04:31 [Info] [2340] log fd cnt is [250], real fd cnt is [243] 2026-03-07 05:04:32 [Info] [2340] Monitor thread 2026-03-07 05:04:32 [Info] [2340] Report thread 2026-03-07 05:04:32 [Info] [2340] yundun connected 2026-03-07 05:04:32 [Info] [2340] CIpcMsgHandlerMgr::run Enter 2026-03-07 05:04:33 [Info] [2340] recvmsg: HELLO 2026-03-07 05:04:33 [Info] [2340] recvmsg: WORK 2026-03-07 05:04:34 [Info] [2340] Loader thread 2026-03-07 05:04:34 [Info] [2340] PythonEngineImpl Init... 2026-03-07 05:04:34 [Info] [2340] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 05:04:34 [Info] [2340] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 05:04:34 [Info] [2340] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 05:04:36 [Info] [2340] log memory size is 20480KB, real memory size is 13040KB 2026-03-07 05:04:36 [Info] [2340] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 05:04:37 [Info] [2340] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 05:04:37 [Info] [2340] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 05:04:38 [Info] [2340] item: --windows-sysinfoext-check 2026-03-07 05:04:38 [Info] [2340] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 05:04:38 [Info] [2340] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 05:04:38 [Info] [2340] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 05:04:38 [Info] [2340] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 05:04:38 [Info] [2340] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-07 05:04:38 [Info] [2340] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 05:04:38 [Info] [2340] Prepare stage1: --windows-sysinfoext-check 2026-03-07 05:04:38 [Info] [2340] Prepare stage2 2026-03-07 05:04:39 [Warn] [2340] high cpu, cpu is 24 2026-03-07 05:04:39 [Info] [2340] try get sys version 2026-03-07 05:04:39 [Info] [2340] win sys info:2/10:0:3 2026-03-07 05:04:39 [Info] [2340] suit legal version, enable cpu control 2026-03-07 05:04:39 [Warn] [2340] High CPU Warning: 24 2026-03-07 05:04:40 [Warn] [2340] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: 2026-03-07 05:04:41 [Info] [2340] log memory size is 30720KB, real memory size is 22700KB 2026-03-07 05:04:41 [Info] [2340] stage3: --windows-sysinfoext-check 2026-03-07 05:04:41 [Info] [2340] Loader after check 2026-03-07 05:04:42 [Warn] [2340] high cpu, cpu is 15 2026-03-07 05:04:42 [Warn] [2340] High CPU Warning: 15 2026-03-07 05:04:42 [Info] [2340] Enter reuse wait state. 2026-03-07 05:04:44 [Info] [2340] recvmsg: EXIT 2026-03-07 05:04:44 [Info] [2340] Recv Exit Msg, Exit... 2026-03-07 08:07:53 [Info] [2216] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 08:07:53 [Info] [2216] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap43421772842073 2026-03-07 08:07:53 [Info] [2216] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 08:07:53 [Info] [2216] Resource monitor start 2026-03-07 08:07:53 [Info] [2216] ipc client init success 2026-03-07 08:07:53 [Info] [2216] Ipc init: 0 2026-03-07 08:07:53 [Info] [2216] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 08:07:53 [Info] [2216] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 08:07:53 [Info] [2216] start ipc thread id[2236] 2026-03-07 08:07:53 [Info] [2216] Connect Yundun ipc server return state is 0 2026-03-07 08:07:53 [Info] [2216] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 08:07:53 [Info] [2216] CResourceMonitor::run Enter 2026-03-07 08:07:53 [Info] [2216] CIpcMsgHandlerMgr::run Enter 2026-03-07 08:07:53 [Info] [2216] Report thread 2026-03-07 08:07:53 [Info] [2216] Monitor thread 2026-03-07 08:07:53 [Info] [2216] Loader thread 2026-03-07 08:07:53 [Info] [2216] PythonEngineImpl Init... 2026-03-07 08:07:53 [Info] [2216] yundun connected 2026-03-07 08:07:54 [Info] [2216] recvmsg: HELLO 2026-03-07 08:07:54 [Info] [2216] recvmsg: WORK 2026-03-07 08:07:54 [Info] [2216] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 08:07:54 [Info] [2216] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 08:07:54 [Info] [2216] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 08:07:54 [Info] [2216] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 08:07:54 [Info] [2216] log fd cnt is [250], real fd cnt is [286] 2026-03-07 08:07:54 [Info] [2216] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 08:07:54 [Info] [2216] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 08:07:55 [Info] [2216] log memory size is 20480KB, real memory size is 14512KB 2026-03-07 08:07:55 [Info] [2216] item: --windows-vul-clean 2026-03-07 08:07:55 [Info] [2216] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5 2026-03-07 08:07:55 [Info] [2216] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5 2026-03-07 08:07:55 [Info] [2216] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 08:07:56 [Info] [2216] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 08:07:56 [Info] [2216] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5, http code : 200, curl ret : 0 2026-03-07 08:07:56 [Info] [2216] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5 2026-03-07 08:07:56 [Info] [2216] Prepare stage1: --windows-vul-clean 2026-03-07 08:07:56 [Info] [2216] Prepare stage2 2026-03-07 08:07:56 [Info] [2216] stage3: --windows-vul-clean 2026-03-07 08:07:56 [Info] [2216] Loader after check 2026-03-07 08:07:57 [Info] [2216] Enter reuse wait state. 2026-03-07 08:08:01 [Info] [2216] recvmsg: EXIT 2026-03-07 08:08:01 [Info] [2216] Recv Exit Msg, Exit... 2026-03-07 09:08:58 [Info] [3932] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 09:08:58 [Info] [3932] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap163111772845738 2026-03-07 09:08:58 [Info] [3932] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 09:08:58 [Info] [3932] Resource monitor start 2026-03-07 09:08:58 [Info] [3932] ipc client init success 2026-03-07 09:08:58 [Info] [3932] Ipc init: 0 2026-03-07 09:08:58 [Info] [3932] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 09:08:58 [Info] [3932] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 09:08:58 [Info] [3932] start ipc thread id[4876] 2026-03-07 09:08:58 [Info] [3932] Connect Yundun ipc server return state is 0 2026-03-07 09:08:58 [Info] [3932] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 09:08:58 [Info] [3932] CResourceMonitor::run Enter 2026-03-07 09:08:58 [Info] [3932] CIpcMsgHandlerMgr::run Enter 2026-03-07 09:08:58 [Info] [3932] Report thread 2026-03-07 09:08:58 [Info] [3932] Monitor thread 2026-03-07 09:08:58 [Info] [3932] Loader thread 2026-03-07 09:08:58 [Info] [3932] PythonEngineImpl Init... 2026-03-07 09:08:58 [Info] [3932] yundun connected 2026-03-07 09:08:59 [Info] [3932] recvmsg: HELLO 2026-03-07 09:08:59 [Info] [3932] recvmsg: WORK 2026-03-07 09:08:59 [Info] [3932] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 09:08:59 [Info] [3932] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 09:08:59 [Info] [3932] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 09:08:59 [Info] [3932] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 09:08:59 [Info] [3932] log fd cnt is [250], real fd cnt is [282] 2026-03-07 09:08:59 [Info] [3932] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 09:08:59 [Info] [3932] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 09:09:00 [Info] [3932] log memory size is 20480KB, real memory size is 14496KB 2026-03-07 09:09:00 [Info] [3932] item: --windows-process-check 2026-03-07 09:09:00 [Info] [3932] cgroup name aegisRtap0 2026-03-07 09:09:00 [Info] [3932] try get sys version 2026-03-07 09:09:00 [Info] [3932] win sys info:2/10:0:3 2026-03-07 09:09:00 [Info] [3932] suit legal version, enable cpu control 2026-03-07 09:09:00 [Info] [3932] get AssignProcessToJobObject handle [00000478] 2026-03-07 09:09:00 [Info] [3932] Set setJobExtended. 2026-03-07 09:09:00 [Info] [3932] Set cpu [9%] 2026-03-07 09:09:00 [Info] [3932] Set cpu success 2026-03-07 09:09:00 [Info] [3932] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5 2026-03-07 09:09:00 [Info] [3932] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5 2026-03-07 09:09:00 [Info] [3932] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 09:09:00 [Info] [3932] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 09:09:01 [Info] [3932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5, http code : 200, curl ret : 0 2026-03-07 09:09:01 [Info] [3932] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5 2026-03-07 09:09:01 [Info] [3932] Prepare stage1: --windows-process-check 2026-03-07 09:09:01 [Info] [3932] Prepare stage2 2026-03-07 09:09:20 [Info] [3932] stage3: --windows-process-check 2026-03-07 09:09:20 [Info] [3932] Loader after check 2026-03-07 09:09:21 [Info] [3932] Enter reuse wait state. 2026-03-07 09:09:26 [Info] [3932] recvmsg: EXIT 2026-03-07 09:09:26 [Info] [3932] Recv Exit Msg, Exit... 2026-03-07 10:33:33 [Info] [4372] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 10:33:33 [Info] [4372] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap1121772850812 2026-03-07 10:33:33 [Info] [4372] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 10:33:33 [Info] [4372] Resource monitor start 2026-03-07 10:33:33 [Info] [4372] ipc client init success 2026-03-07 10:33:33 [Info] [4372] Ipc init: 0 2026-03-07 10:33:33 [Info] [4372] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 10:33:33 [Info] [4372] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 10:33:33 [Info] [4372] CResourceMonitor::run Enter 2026-03-07 10:33:33 [Info] [4372] CIpcMsgHandlerMgr::run Enter 2026-03-07 10:33:33 [Info] [4372] start ipc thread id[2112] 2026-03-07 10:33:33 [Info] [4372] Connect Yundun ipc server return state is 0 2026-03-07 10:33:33 [Info] [4372] yundun connected 2026-03-07 10:33:34 [Info] [4372] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 10:33:34 [Info] [4372] Report thread 2026-03-07 10:33:34 [Info] [4372] Monitor thread 2026-03-07 10:33:34 [Info] [4372] Loader thread 2026-03-07 10:33:34 [Info] [4372] PythonEngineImpl Init... 2026-03-07 10:33:34 [Info] [4372] recvmsg: HELLO 2026-03-07 10:33:34 [Info] [4372] recvmsg: WORK 2026-03-07 10:33:34 [Info] [4372] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:33:34 [Info] [4372] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:33:34 [Info] [4372] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:33:35 [Info] [4372] log fd cnt is [250], real fd cnt is [274] 2026-03-07 10:33:35 [Info] [4372] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:33:35 [Info] [4372] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 10:33:35 [Info] [4372] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 10:33:36 [Info] [4372] log memory size is 20480KB, real memory size is 14576KB 2026-03-07 10:33:36 [Info] [4372] item: --windows-registry-check 2026-03-07 10:33:36 [Info] [4372] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-03-07 10:33:36 [Info] [4372] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-03-07 10:33:36 [Info] [4372] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:33:36 [Info] [4372] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:33:36 [Info] [4372] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0 2026-03-07 10:33:36 [Info] [4372] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5 2026-03-07 10:33:37 [Info] [4372] Prepare stage1: --windows-registry-check 2026-03-07 10:33:37 [Info] [4372] Prepare stage2 2026-03-07 10:33:46 [Info] [644] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 10:33:46 [Info] [644] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap1581772850826 2026-03-07 10:33:46 [Info] [644] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 10:33:46 [Info] [644] Resource monitor start 2026-03-07 10:33:46 [Info] [644] ipc client init success 2026-03-07 10:33:46 [Info] [644] Ipc init: 0 2026-03-07 10:33:46 [Info] [644] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 10:33:46 [Info] [644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 10:33:46 [Info] [644] start ipc thread id[3936] 2026-03-07 10:33:46 [Info] [644] Connect Yundun ipc server return state is 0 2026-03-07 10:33:46 [Info] [644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 10:33:46 [Info] [644] CResourceMonitor::run Enter 2026-03-07 10:33:46 [Info] [644] CIpcMsgHandlerMgr::run Enter 2026-03-07 10:33:46 [Info] [644] Report thread 2026-03-07 10:33:46 [Info] [644] Monitor thread 2026-03-07 10:33:46 [Info] [644] Loader thread 2026-03-07 10:33:46 [Info] [644] PythonEngineImpl Init... 2026-03-07 10:33:46 [Info] [644] yundun connected 2026-03-07 10:33:47 [Info] [644] recvmsg: HELLO 2026-03-07 10:33:47 [Info] [644] recvmsg: WORK 2026-03-07 10:33:47 [Info] [644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:33:47 [Info] [644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:33:47 [Info] [644] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:33:47 [Info] [644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:33:47 [Info] [644] log fd cnt is [250], real fd cnt is [282] 2026-03-07 10:33:47 [Info] [644] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 10:33:47 [Info] [644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 10:33:48 [Info] [644] log memory size is 20480KB, real memory size is 14560KB 2026-03-07 10:33:48 [Info] [644] item: --windows-schedule-task-check 2026-03-07 10:33:48 [Info] [644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-03-07 10:33:48 [Info] [644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-03-07 10:33:48 [Info] [644] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:33:49 [Info] [644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:33:49 [Info] [644] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0 2026-03-07 10:33:49 [Info] [644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5 2026-03-07 10:33:49 [Info] [644] Prepare stage1: --windows-schedule-task-check 2026-03-07 10:33:49 [Info] [644] Prepare stage2 2026-03-07 10:33:52 [Info] [644] log memory size is 30720KB, real memory size is 23156KB 2026-03-07 10:34:06 [Info] [4372] stage3: --windows-registry-check 2026-03-07 10:34:06 [Info] [4372] Loader after check 2026-03-07 10:34:06 [Info] [4372] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-07 10:34:06 [Info] [644] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-07 10:34:07 [Info] [4372] Enter reuse wait state. 2026-03-07 10:34:10 [Info] [4372] recvmsg: EXIT 2026-03-07 10:34:10 [Info] [4372] Recv Exit Msg, Exit... 2026-03-07 10:34:39 [Info] [2200] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 10:34:39 [Info] [2200] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap2761772850862 2026-03-07 10:34:39 [Info] [2200] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 10:34:39 [Info] [2200] Resource monitor start 2026-03-07 10:34:39 [Info] [2200] ipc client init success 2026-03-07 10:34:39 [Info] [2200] Ipc init: 0 2026-03-07 10:34:39 [Info] [2200] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 10:34:39 [Info] [2200] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 10:34:39 [Info] [2200] start ipc thread id[160] 2026-03-07 10:34:39 [Info] [2200] Connect Yundun ipc server return state is 0 2026-03-07 10:34:39 [Info] [2200] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 10:34:39 [Info] [2200] CResourceMonitor::run Enter 2026-03-07 10:34:39 [Info] [2200] CIpcMsgHandlerMgr::run Enter 2026-03-07 10:34:39 [Info] [2200] Report thread 2026-03-07 10:34:39 [Info] [2200] Monitor thread 2026-03-07 10:34:39 [Info] [2200] Loader thread 2026-03-07 10:34:39 [Info] [2200] PythonEngineImpl Init... 2026-03-07 10:34:45 [Info] [2200] yundun connected 2026-03-07 10:34:47 [Info] [2200] log fd cnt is [250], real fd cnt is [261] 2026-03-07 10:34:47 [Info] [2200] recvmsg: HELLO 2026-03-07 10:34:47 [Info] [2200] recvmsg: WORK 2026-03-07 10:34:47 [Info] [2200] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:34:47 [Info] [2200] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:34:47 [Info] [2200] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:34:48 [Info] [2200] log memory size is 20480KB, real memory size is 12932KB 2026-03-07 10:34:52 [Info] [2200] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:34:52 [Info] [2200] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 10:34:52 [Info] [2200] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 10:34:54 [Info] [2200] item: --windows-sysinfoext-check 2026-03-07 10:34:54 [Info] [2200] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 10:34:54 [Info] [2200] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 10:34:54 [Info] [2200] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:34:54 [Info] [2200] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:34:54 [Info] [644] stage3: --windows-schedule-task-check 2026-03-07 10:34:54 [Info] [644] Loader after check 2026-03-07 10:34:54 [Info] [2200] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-07 10:34:54 [Info] [2200] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 10:34:54 [Info] [2200] Prepare stage1: --windows-sysinfoext-check 2026-03-07 10:34:54 [Info] [2200] Prepare stage2 2026-03-07 10:34:55 [Info] [644] Enter reuse wait state. 2026-03-07 10:34:55 [Warn] [2200] high cpu, cpu is 16 2026-03-07 10:34:55 [Info] [2200] try get sys version 2026-03-07 10:34:55 [Info] [2200] win sys info:2/10:0:3 2026-03-07 10:34:55 [Info] [2200] suit legal version, enable cpu control 2026-03-07 10:34:55 [Warn] [2200] High CPU Warning: 16 2026-03-07 10:34:55 [Warn] [2200] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:__init__.py line: 28 in func: __WrapDispatch File:__init__.py line: 96 in func: Dispatch File:__init__.py line: 483 in func: _get_good_single_object_ File:__init__.py line: 494 in func: _get_good_object_ File:util.py line: 84 in func: next File:wmi.py line: 491 in func: __init__ File:wmi.py line: 781 in func: __init__ File:wmi.py line: 1156 in func: _cached_classes File:wmi.py line: 1145 in func: __getattr__ File:windows-sysinfoext-check.py line: 50 in func: GetSysCpuInfo File:windows-sysinfoext-check.py line: 174 in func: check File:windows-sysinfoext-check.py line: 143 in func: main File:windows-sysinfoext-check.py line: 200 in func: start 2026-03-07 10:34:56 [Info] [2200] log memory size is 30720KB, real memory size is 22724KB 2026-03-07 10:34:58 [Info] [2200] stage3: --windows-sysinfoext-check 2026-03-07 10:34:58 [Info] [2200] Loader after check 2026-03-07 10:34:59 [Info] [2200] Enter reuse wait state. 2026-03-07 10:35:00 [Info] [644] recvmsg: EXIT 2026-03-07 10:35:00 [Info] [644] Recv Exit Msg, Exit... 2026-03-07 10:35:01 [Info] [644] log fd cnt is [300], real fd cnt is [366] 2026-03-07 10:35:06 [Info] [2200] recvmsg: EXIT 2026-03-07 10:35:06 [Info] [2200] Recv Exit Msg, Exit... 2026-03-07 10:45:23 [Info] [2236] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 10:45:23 [Info] [2236] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap24341772851523 2026-03-07 10:45:23 [Info] [2236] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 10:45:23 [Info] [2236] Resource monitor start 2026-03-07 10:45:23 [Info] [2236] ipc client init success 2026-03-07 10:45:23 [Info] [2236] Ipc init: 0 2026-03-07 10:45:23 [Info] [2236] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 10:45:23 [Info] [2236] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 10:45:23 [Info] [2236] start ipc thread id[4320] 2026-03-07 10:45:23 [Info] [2236] Connect Yundun ipc server return state is 0 2026-03-07 10:45:23 [Info] [2236] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 10:45:23 [Info] [2236] CResourceMonitor::run Enter 2026-03-07 10:45:23 [Info] [2236] CIpcMsgHandlerMgr::run Enter 2026-03-07 10:45:23 [Info] [2236] Report thread 2026-03-07 10:45:23 [Info] [2236] Monitor thread 2026-03-07 10:45:23 [Info] [2236] Loader thread 2026-03-07 10:45:23 [Info] [2236] PythonEngineImpl Init... 2026-03-07 10:45:23 [Info] [2236] yundun connected 2026-03-07 10:45:23 [Info] [2236] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-07 10:45:23 [Info] [2236] recvmsg: HELLO 2026-03-07 10:45:23 [Info] [2236] recvmsg: WORK 2026-03-07 10:45:24 [Info] [2236] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:45:24 [Info] [2236] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 10:45:24 [Info] [2236] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:45:24 [Info] [2236] log fd cnt is [250], real fd cnt is [282] 2026-03-07 10:45:24 [Info] [2236] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:45:24 [Info] [2236] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 10:45:24 [Info] [2236] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 10:45:25 [Info] [2236] log memory size is 20480KB, real memory size is 14504KB 2026-03-07 10:45:25 [Info] [2236] item: --windows-driver-version-check 2026-03-07 10:45:25 [Info] [2236] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-03-07 10:45:25 [Info] [2236] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-03-07 10:45:25 [Info] [2236] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 10:45:25 [Info] [2236] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 10:45:26 [Info] [2236] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0 2026-03-07 10:45:26 [Info] [2236] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5 2026-03-07 10:45:26 [Info] [2236] Prepare stage1: --windows-driver-version-check 2026-03-07 10:45:26 [Info] [2236] Prepare stage2 2026-03-07 10:45:26 [Info] [2236] stage3: --windows-driver-version-check 2026-03-07 10:45:26 [Info] [2236] Loader after check 2026-03-07 10:45:27 [Info] [2236] Enter reuse wait state. 2026-03-07 10:45:31 [Info] [2236] recvmsg: EXIT 2026-03-07 10:45:31 [Info] [2236] Recv Exit Msg, Exit... 2026-03-07 11:15:45 [Info] [3968] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 11:15:45 [Info] [3968] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap83841772853345 2026-03-07 11:15:45 [Info] [3968] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 11:15:45 [Info] [3968] Resource monitor start 2026-03-07 11:15:45 [Info] [3968] ipc client init success 2026-03-07 11:15:45 [Info] [3968] Ipc init: 0 2026-03-07 11:15:45 [Info] [3968] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 11:15:45 [Info] [3968] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 11:15:45 [Info] [3968] start ipc thread id[2976] 2026-03-07 11:15:45 [Info] [3968] Connect Yundun ipc server return state is 0 2026-03-07 11:15:45 [Info] [3968] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 11:15:45 [Info] [3968] CResourceMonitor::run Enter 2026-03-07 11:15:45 [Info] [3968] CIpcMsgHandlerMgr::run Enter 2026-03-07 11:15:45 [Info] [3968] Report thread 2026-03-07 11:15:45 [Info] [3968] Monitor thread 2026-03-07 11:15:45 [Info] [3968] Loader thread 2026-03-07 11:15:45 [Info] [3968] PythonEngineImpl Init... 2026-03-07 11:15:45 [Info] [3968] yundun connected 2026-03-07 11:15:45 [Info] [3968] recvmsg: HELLO 2026-03-07 11:15:45 [Info] [3968] recvmsg: WORK 2026-03-07 11:15:45 [Info] [3968] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 11:15:45 [Info] [3968] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 11:15:45 [Info] [3968] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 11:15:45 [Info] [3968] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 11:15:46 [Info] [3968] log fd cnt is [250], real fd cnt is [282] 2026-03-07 11:15:46 [Info] [3968] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 11:15:46 [Info] [3968] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 11:15:47 [Info] [3968] log memory size is 20480KB, real memory size is 14564KB 2026-03-07 11:15:47 [Info] [3968] item: --windows-autorun-item-check 2026-03-07 11:15:47 [Info] [3968] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-03-07 11:15:47 [Info] [3968] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-03-07 11:15:47 [Info] [3968] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 11:15:47 [Info] [3968] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 11:15:47 [Info] [3968] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0 2026-03-07 11:15:47 [Info] [3968] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5 2026-03-07 11:15:47 [Info] [3968] Prepare stage1: --windows-autorun-item-check 2026-03-07 11:15:47 [Info] [3968] Prepare stage2 2026-03-07 11:15:51 [Info] [3968] log memory size is 30720KB, real memory size is 22276KB 2026-03-07 11:15:57 [Info] [3968] stage3: --windows-autorun-item-check 2026-03-07 11:15:57 [Info] [3968] Loader after check 2026-03-07 11:15:58 [Info] [3968] Enter reuse wait state. 2026-03-07 11:16:00 [Info] [3968] recvmsg: EXIT 2026-03-07 11:16:00 [Info] [3968] Recv Exit Msg, Exit... 2026-03-07 11:49:04 [Info] [4304] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 11:49:04 [Info] [4304] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap149121772855344 2026-03-07 11:49:04 [Info] [4304] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 11:49:04 [Info] [4304] Resource monitor start 2026-03-07 11:49:04 [Info] [4304] ipc client init success 2026-03-07 11:49:04 [Info] [4304] Ipc init: 0 2026-03-07 11:49:04 [Info] [4304] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 11:49:04 [Info] [4304] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 11:49:04 [Info] [4304] start ipc thread id[4204] 2026-03-07 11:49:04 [Info] [4304] Connect Yundun ipc server return state is 0 2026-03-07 11:49:04 [Info] [4304] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 11:49:04 [Info] [4304] CResourceMonitor::run Enter 2026-03-07 11:49:04 [Info] [4304] CIpcMsgHandlerMgr::run Enter 2026-03-07 11:49:04 [Info] [4304] Report thread 2026-03-07 11:49:04 [Info] [4304] Monitor thread 2026-03-07 11:49:04 [Info] [4304] Loader thread 2026-03-07 11:49:04 [Info] [4304] PythonEngineImpl Init... 2026-03-07 11:49:04 [Info] [4304] yundun connected 2026-03-07 11:49:04 [Info] [4304] recvmsg: HELLO 2026-03-07 11:49:04 [Info] [4304] recvmsg: WORK 2026-03-07 11:49:04 [Info] [4304] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 11:49:04 [Info] [4304] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 11:49:04 [Info] [4304] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 11:49:05 [Info] [4304] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 11:49:05 [Info] [4304] log fd cnt is [250], real fd cnt is [282] 2026-03-07 11:49:05 [Info] [4304] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 11:49:05 [Info] [4304] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 11:49:06 [Info] [4304] log memory size is 20480KB, real memory size is 14512KB 2026-03-07 11:49:06 [Info] [4304] item: --tcp-connect-check 2026-03-07 11:49:06 [Info] [4304] cgroup name aegisRtap0 2026-03-07 11:49:06 [Info] [4304] try get sys version 2026-03-07 11:49:06 [Info] [4304] win sys info:2/10:0:3 2026-03-07 11:49:06 [Info] [4304] suit legal version, enable cpu control 2026-03-07 11:49:06 [Info] [4304] get AssignProcessToJobObject handle [00000478] 2026-03-07 11:49:06 [Info] [4304] Set setJobExtended. 2026-03-07 11:49:06 [Info] [4304] Set cpu [9%] 2026-03-07 11:49:06 [Info] [4304] Set cpu success 2026-03-07 11:49:06 [Info] [4304] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-03-07 11:49:06 [Info] [4304] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-03-07 11:49:06 [Info] [4304] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 11:49:06 [Info] [4304] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 11:49:06 [Info] [4304] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0 2026-03-07 11:49:06 [Info] [4304] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5 2026-03-07 11:49:06 [Info] [4304] Prepare stage1: --tcp-connect-check 2026-03-07 11:49:06 [Info] [4304] Prepare stage2 2026-03-07 11:49:10 [Info] [4304] stage3: --tcp-connect-check 2026-03-07 11:49:10 [Info] [4304] Loader after check 2026-03-07 11:49:11 [Info] [4304] Enter reuse wait state. 2026-03-07 11:49:15 [Info] [4304] recvmsg: EXIT 2026-03-07 11:49:15 [Info] [4304] Recv Exit Msg, Exit... 2026-03-07 16:04:08 [Info] [3596] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 16:04:08 [Info] [3596] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap321171772870647 2026-03-07 16:04:08 [Info] [3596] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 16:04:08 [Info] [3596] Resource monitor start 2026-03-07 16:04:08 [Info] [3596] ipc client init success 2026-03-07 16:04:08 [Info] [3596] Ipc init: 0 2026-03-07 16:04:08 [Info] [3596] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 16:04:08 [Info] [3596] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 16:04:08 [Info] [3596] start ipc thread id[3424] 2026-03-07 16:04:08 [Info] [3596] Connect Yundun ipc server return state is 0 2026-03-07 16:04:08 [Info] [3596] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 16:04:08 [Info] [3596] CResourceMonitor::run Enter 2026-03-07 16:04:08 [Info] [3596] CIpcMsgHandlerMgr::run Enter 2026-03-07 16:04:08 [Info] [3596] Report thread 2026-03-07 16:04:08 [Info] [3596] Monitor thread 2026-03-07 16:04:08 [Info] [3596] Loader thread 2026-03-07 16:04:08 [Info] [3596] PythonEngineImpl Init... 2026-03-07 16:04:14 [Info] [3596] yundun connected 2026-03-07 16:04:14 [Info] [3596] recvmsg: HELLO 2026-03-07 16:04:14 [Info] [3596] recvmsg: WORK 2026-03-07 16:04:14 [Info] [3596] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 16:04:14 [Info] [3596] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 16:04:14 [Info] [3596] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 16:04:16 [Info] [3596] log fd cnt is [250], real fd cnt is [264] 2026-03-07 16:04:17 [Info] [3596] log memory size is 20480KB, real memory size is 12940KB 2026-03-07 16:04:22 [Info] [3596] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 16:04:22 [Info] [3596] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 16:04:22 [Info] [3596] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 16:04:23 [Info] [3596] item: --windows-sysinfoext-check 2026-03-07 16:04:23 [Info] [3596] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 16:04:23 [Info] [3596] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 16:04:23 [Info] [3596] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 16:04:23 [Info] [3596] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 16:04:24 [Info] [3596] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-07 16:04:24 [Info] [3596] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 16:04:24 [Info] [3596] Prepare stage1: --windows-sysinfoext-check 2026-03-07 16:04:24 [Info] [3596] Prepare stage2 2026-03-07 16:04:25 [Info] [3596] log memory size is 30720KB, real memory size is 22364KB 2026-03-07 16:04:29 [Info] [3596] stage3: --windows-sysinfoext-check 2026-03-07 16:04:29 [Info] [3596] Loader after check 2026-03-07 16:04:30 [Info] [3596] Enter reuse wait state. 2026-03-07 16:04:33 [Info] [3596] recvmsg: EXIT 2026-03-07 16:04:33 [Info] [3596] Recv Exit Msg, Exit... 2026-03-07 19:30:41 [Info] [4876] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 19:30:41 [Info] [4876] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap70551772883041 2026-03-07 19:30:41 [Info] [4876] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 19:30:41 [Info] [4876] Resource monitor start 2026-03-07 19:30:41 [Info] [4876] ipc client init success 2026-03-07 19:30:41 [Info] [4876] Ipc init: 0 2026-03-07 19:30:41 [Info] [4876] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 19:30:41 [Info] [4876] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 19:30:41 [Info] [4876] start ipc thread id[2968] 2026-03-07 19:30:41 [Info] [4876] Connect Yundun ipc server return state is 0 2026-03-07 19:30:41 [Info] [4876] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 19:30:41 [Info] [4876] CResourceMonitor::run Enter 2026-03-07 19:30:41 [Info] [4876] CIpcMsgHandlerMgr::run Enter 2026-03-07 19:30:41 [Info] [4876] Report thread 2026-03-07 19:30:41 [Info] [4876] Monitor thread 2026-03-07 19:30:41 [Info] [4876] Loader thread 2026-03-07 19:30:41 [Info] [4876] PythonEngineImpl Init... 2026-03-07 19:30:41 [Info] [4876] yundun connected 2026-03-07 19:30:42 [Info] [4876] recvmsg: HELLO 2026-03-07 19:30:42 [Info] [4876] recvmsg: WORK 2026-03-07 19:30:42 [Info] [4876] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 19:30:42 [Info] [4876] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 19:30:42 [Info] [4876] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 19:30:42 [Info] [4876] log fd cnt is [250], real fd cnt is [282] 2026-03-07 19:30:42 [Info] [4876] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 19:30:42 [Info] [4876] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 19:30:42 [Info] [4876] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 19:30:43 [Info] [4876] log memory size is 20480KB, real memory size is 14492KB 2026-03-07 19:30:43 [Info] [4876] item: --secnet_rasp_agent 2026-03-07 19:30:43 [Info] [4876] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-03-07 19:30:44 [Info] [4876] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py 2026-03-07 19:30:44 [Info] [4876] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py 2026-03-07 19:30:44 [Info] [4876] Download redirect files success. 2026-03-07 19:30:44 [Info] [4876] Prepare stage1: --secnet_rasp_agent 2026-03-07 19:30:44 [Info] [4876] Prepare stage2 2026-03-07 19:30:44 [Info] [4876] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-07 19:30:44 [Info] [4876] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-07 19:30:44 [Info] [4876] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 19:30:44 [Info] [4876] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 19:30:45 [Info] [4876] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0 2026-03-07 19:30:45 [Info] [4876] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-07 19:30:45 [Info] [4876] stage3: --secnet_rasp_agent 2026-03-07 19:30:45 [Info] [4876] Loader after check 2026-03-07 19:30:46 [Info] [4876] Enter reuse wait state. 2026-03-07 19:30:48 [Info] [4876] log memory size is 30720KB, real memory size is 21120KB 2026-03-07 19:30:49 [Info] [4876] recvmsg: EXIT 2026-03-07 19:30:49 [Info] [4876] Recv Exit Msg, Exit... 2026-03-07 21:34:02 [Info] [4144] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-07 21:34:02 [Info] [4144] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap312001772890435 2026-03-07 21:34:02 [Info] [4144] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-07 21:34:02 [Info] [4144] Resource monitor start 2026-03-07 21:34:02 [Info] [4144] ipc client init success 2026-03-07 21:34:02 [Info] [4144] Ipc init: 0 2026-03-07 21:34:02 [Info] [4144] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-07 21:34:02 [Info] [4144] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-07 21:34:02 [Info] [4144] start ipc thread id[3392] 2026-03-07 21:34:02 [Info] [4144] Connect Yundun ipc server return state is 0 2026-03-07 21:34:02 [Info] [4144] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-07 21:34:07 [Info] [4144] CResourceMonitor::run Enter 2026-03-07 21:34:08 [Info] [4144] log fd cnt is [250], real fd cnt is [243] 2026-03-07 21:34:09 [Info] [4144] Loader thread 2026-03-07 21:34:09 [Info] [4144] PythonEngineImpl Init... 2026-03-07 21:34:09 [Info] [4144] Monitor thread 2026-03-07 21:34:09 [Info] [4144] Report thread 2026-03-07 21:34:09 [Info] [4144] yundun connected 2026-03-07 21:34:09 [Info] [4144] CIpcMsgHandlerMgr::run Enter 2026-03-07 21:34:09 [Info] [4144] recvmsg: HELLO 2026-03-07 21:34:09 [Info] [4144] recvmsg: WORK 2026-03-07 21:34:09 [Info] [4144] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 21:34:09 [Info] [4144] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-07 21:34:09 [Info] [4144] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 21:34:13 [Info] [4144] log memory size is 20480KB, real memory size is 12952KB 2026-03-07 21:34:14 [Info] [4144] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 21:34:14 [Info] [4144] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-07 21:34:14 [Info] [4144] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-07 21:34:15 [Info] [4144] item: --windows-sysinfoext-check 2026-03-07 21:34:15 [Info] [4144] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 21:34:15 [Info] [4144] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 21:34:15 [Info] [4144] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-07 21:34:16 [Info] [4144] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-07 21:34:16 [Info] [4144] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-07 21:34:16 [Info] [4144] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-07 21:34:16 [Info] [4144] Prepare stage1: --windows-sysinfoext-check 2026-03-07 21:34:16 [Info] [4144] Prepare stage2 2026-03-07 21:34:17 [Info] [4144] log memory size is 30720KB, real memory size is 22804KB 2026-03-07 21:34:18 [Info] [4144] stage3: --windows-sysinfoext-check 2026-03-07 21:34:18 [Info] [4144] Loader after check 2026-03-07 21:34:18 [Warn] [4144] high cpu, cpu is 13 2026-03-07 21:34:18 [Info] [4144] try get sys version 2026-03-07 21:34:18 [Info] [4144] win sys info:2/10:0:3 2026-03-07 21:34:18 [Info] [4144] suit legal version, enable cpu control 2026-03-07 21:34:18 [Warn] [4144] High CPU Warning: 13 2026-03-07 21:34:18 [Warn] [4144] resource monitor exp type: High CPU Warning, script runing: 0 2026-03-07 21:34:19 [Info] [4144] Enter reuse wait state. 2026-03-07 21:34:22 [Info] [4144] recvmsg: EXIT 2026-03-07 21:34:22 [Info] [4144] Recv Exit Msg, Exit... 2026-03-14 01:41:33 [Info] [980] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 01:41:33 [Info] [980] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap30791773423679 2026-03-14 01:41:33 [Info] [980] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 01:41:33 [Info] [980] Resource monitor start 2026-03-14 01:41:33 [Info] [980] ipc client init success 2026-03-14 01:41:33 [Info] [980] Ipc init: 0 2026-03-14 01:41:33 [Info] [980] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 01:41:33 [Info] [980] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 01:41:33 [Info] [980] start ipc thread id[3268] 2026-03-14 01:41:33 [Info] [980] Connect Yundun ipc server return state is 0 2026-03-14 01:41:33 [Info] [980] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 01:41:38 [Info] [980] CIpcMsgHandlerMgr::run Enter 2026-03-14 01:41:38 [Info] [980] CResourceMonitor::run Enter 2026-03-14 01:41:39 [Info] [980] log fd cnt is [250], real fd cnt is [243] 2026-03-14 01:41:40 [Info] [980] yundun connected 2026-03-14 01:41:40 [Info] [980] Report thread 2026-03-14 01:41:40 [Info] [980] Monitor thread 2026-03-14 01:41:40 [Info] [980] Loader thread 2026-03-14 01:41:40 [Info] [980] PythonEngineImpl Init... 2026-03-14 01:41:40 [Info] [980] recvmsg: HELLO 2026-03-14 01:41:40 [Info] [980] recvmsg: WORK 2026-03-14 01:41:40 [Info] [980] log memory size is 20480KB, real memory size is 12696KB 2026-03-14 01:41:40 [Info] [980] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 01:41:40 [Info] [980] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 01:41:40 [Info] [980] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 01:41:42 [Info] [980] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 01:41:42 [Info] [980] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 01:41:42 [Info] [980] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 01:41:44 [Info] [980] item: --windows-sysinfoext-check 2026-03-14 01:41:44 [Info] [980] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 01:41:44 [Info] [980] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 01:41:44 [Info] [980] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 01:41:44 [Info] [980] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 01:41:44 [Info] [980] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-14 01:41:44 [Info] [980] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 01:41:44 [Info] [980] Prepare stage1: --windows-sysinfoext-check 2026-03-14 01:41:44 [Info] [980] Prepare stage2 2026-03-14 01:41:47 [Info] [980] stage3: --windows-sysinfoext-check 2026-03-14 01:41:47 [Info] [980] Loader after check 2026-03-14 01:41:48 [Info] [980] log memory size is 30720KB, real memory size is 22872KB 2026-03-14 01:41:48 [Info] [980] Enter reuse wait state. 2026-03-14 01:41:49 [Info] [980] recvmsg: EXIT 2026-03-14 01:41:49 [Info] [980] Recv Exit Msg, Exit... 2026-03-14 07:10:54 [Info] [4092] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 07:10:54 [Info] [4092] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap20321773443427 2026-03-14 07:10:54 [Info] [4092] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 07:10:54 [Info] [4092] Resource monitor start 2026-03-14 07:10:54 [Info] [4092] ipc client init success 2026-03-14 07:10:54 [Info] [4092] Ipc init: 0 2026-03-14 07:10:54 [Info] [4092] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 07:10:54 [Info] [4092] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 07:10:54 [Info] [4092] CResourceMonitor::run Enter 2026-03-14 07:10:54 [Info] [4092] start ipc thread id[5100] 2026-03-14 07:10:54 [Info] [4092] Connect Yundun ipc server return state is 0 2026-03-14 07:10:54 [Info] [4092] CIpcMsgHandlerMgr::run Enter 2026-03-14 07:10:54 [Info] [4092] yundun connected 2026-03-14 07:10:54 [Info] [4092] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 07:10:54 [Info] [4092] Report thread 2026-03-14 07:10:54 [Info] [4092] Monitor thread 2026-03-14 07:10:54 [Info] [4092] Loader thread 2026-03-14 07:10:54 [Info] [4092] recvmsg: HELLO 2026-03-14 07:10:54 [Info] [4092] PythonEngineImpl Init... 2026-03-14 07:10:54 [Info] [4092] recvmsg: WORK 2026-03-14 07:10:55 [Info] [4092] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 07:10:55 [Info] [4092] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 07:10:55 [Info] [4092] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 07:10:55 [Info] [4092] log fd cnt is [250], real fd cnt is [282] 2026-03-14 07:10:55 [Info] [4092] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 07:10:55 [Info] [4092] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 07:10:55 [Info] [4092] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 07:10:56 [Info] [4092] log memory size is 20480KB, real memory size is 14576KB 2026-03-14 07:10:56 [Info] [4092] item: --windows-sysinfoext-check 2026-03-14 07:10:56 [Info] [4092] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 07:10:56 [Info] [4092] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 07:10:56 [Info] [4092] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 07:10:57 [Info] [4092] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 07:10:57 [Info] [4092] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-14 07:10:57 [Info] [4092] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 07:10:57 [Info] [4092] Prepare stage1: --windows-sysinfoext-check 2026-03-14 07:10:57 [Info] [4092] Prepare stage2 2026-03-14 07:11:00 [Info] [4092] log memory size is 30720KB, real memory size is 22780KB 2026-03-14 07:11:00 [Info] [4092] stage3: --windows-sysinfoext-check 2026-03-14 07:11:00 [Info] [4092] Loader after check 2026-03-14 07:11:01 [Warn] [4092] high cpu, cpu is 13 2026-03-14 07:11:01 [Info] [4092] try get sys version 2026-03-14 07:11:01 [Info] [4092] win sys info:2/10:0:3 2026-03-14 07:11:01 [Info] [4092] suit legal version, enable cpu control 2026-03-14 07:11:01 [Warn] [4092] High CPU Warning: 13 2026-03-14 07:11:01 [Warn] [4092] resource monitor exp type: High CPU Warning, script runing: 0 2026-03-14 07:11:01 [Info] [4092] Enter reuse wait state. 2026-03-14 07:11:05 [Info] [4092] recvmsg: EXIT 2026-03-14 07:11:05 [Info] [4092] Recv Exit Msg, Exit... 2026-03-14 07:53:33 [Info] [1612] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 07:53:33 [Info] [1612] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap104731773446012 2026-03-14 07:53:33 [Info] [1612] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 07:53:33 [Info] [1612] Resource monitor start 2026-03-14 07:53:33 [Info] [1612] ipc client init success 2026-03-14 07:53:33 [Info] [1612] Ipc init: 0 2026-03-14 07:53:33 [Info] [1612] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 07:53:33 [Info] [1612] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 07:53:33 [Info] [1612] start ipc thread id[5048] 2026-03-14 07:53:33 [Info] [1612] Connect Yundun ipc server return state is 0 2026-03-14 07:53:33 [Info] [1612] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 07:53:33 [Info] [1612] CResourceMonitor::run Enter 2026-03-14 07:53:33 [Info] [1612] CIpcMsgHandlerMgr::run Enter 2026-03-14 07:53:33 [Info] [1612] yundun connected 2026-03-14 07:53:33 [Info] [1612] Report thread 2026-03-14 07:53:33 [Info] [1612] Monitor thread 2026-03-14 07:53:33 [Info] [1612] Loader thread 2026-03-14 07:53:33 [Info] [1612] PythonEngineImpl Init... 2026-03-14 07:53:34 [Info] [1612] recvmsg: HELLO 2026-03-14 07:53:34 [Info] [1612] recvmsg: WORK 2026-03-14 07:53:34 [Info] [1612] log fd cnt is [250], real fd cnt is [263] 2026-03-14 07:53:35 [Info] [1612] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 07:53:35 [Info] [1612] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 07:53:35 [Info] [1612] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 07:53:35 [Info] [1612] log memory size is 20480KB, real memory size is 13464KB 2026-03-14 07:53:36 [Info] [1612] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 07:53:36 [Info] [1612] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 07:53:36 [Info] [1612] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 07:53:38 [Info] [1612] item: --windows-vul-clean 2026-03-14 07:53:38 [Info] [1612] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5 2026-03-14 07:53:38 [Info] [1612] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5 2026-03-14 07:53:38 [Info] [1612] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 07:53:39 [Info] [1612] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 07:53:39 [Info] [1612] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5, http code : 200, curl ret : 0 2026-03-14 07:53:39 [Info] [1612] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5 2026-03-14 07:53:39 [Info] [1612] Prepare stage1: --windows-vul-clean 2026-03-14 07:53:39 [Info] [1612] Prepare stage2 2026-03-14 07:53:39 [Info] [1612] stage3: --windows-vul-clean 2026-03-14 07:53:39 [Info] [1612] Loader after check 2026-03-14 07:53:40 [Info] [1612] Enter reuse wait state. 2026-03-14 07:53:44 [Info] [1612] recvmsg: EXIT 2026-03-14 07:53:44 [Info] [1612] Recv Exit Msg, Exit... 2026-03-14 08:55:05 [Info] [3412] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 08:55:05 [Info] [3412] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap225301773449704 2026-03-14 08:55:05 [Info] [3412] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 08:55:05 [Info] [3412] Resource monitor start 2026-03-14 08:55:05 [Info] [3412] ipc client init success 2026-03-14 08:55:05 [Info] [3412] Ipc init: 0 2026-03-14 08:55:05 [Info] [3412] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 08:55:05 [Info] [3412] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 08:55:05 [Info] [3412] CResourceMonitor::run Enter 2026-03-14 08:55:05 [Info] [3412] CIpcMsgHandlerMgr::run Enter 2026-03-14 08:55:05 [Info] [3412] start ipc thread id[3208] 2026-03-14 08:55:05 [Info] [3412] Connect Yundun ipc server return state is 0 2026-03-14 08:55:05 [Info] [3412] yundun connected 2026-03-14 08:55:05 [Info] [3412] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 08:55:05 [Info] [3412] Report thread 2026-03-14 08:55:05 [Info] [3412] Monitor thread 2026-03-14 08:55:05 [Info] [3412] Loader thread 2026-03-14 08:55:05 [Info] [3412] PythonEngineImpl Init... 2026-03-14 08:55:05 [Info] [3412] recvmsg: HELLO 2026-03-14 08:55:06 [Info] [3412] recvmsg: WORK 2026-03-14 08:55:06 [Info] [3412] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 08:55:06 [Info] [3412] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 08:55:06 [Info] [3412] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 08:55:06 [Info] [3412] log fd cnt is [250], real fd cnt is [282] 2026-03-14 08:55:06 [Info] [3412] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 08:55:06 [Info] [3412] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 08:55:06 [Info] [3412] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 08:55:07 [Info] [3412] log memory size is 20480KB, real memory size is 14624KB 2026-03-14 08:55:07 [Info] [3412] item: --windows-process-check 2026-03-14 08:55:07 [Info] [3412] cgroup name aegisRtap0 2026-03-14 08:55:07 [Info] [3412] try get sys version 2026-03-14 08:55:07 [Info] [3412] win sys info:2/10:0:3 2026-03-14 08:55:07 [Info] [3412] suit legal version, enable cpu control 2026-03-14 08:55:07 [Info] [3412] get AssignProcessToJobObject handle [00000478] 2026-03-14 08:55:07 [Info] [3412] Set setJobExtended. 2026-03-14 08:55:07 [Info] [3412] Set cpu [9%] 2026-03-14 08:55:07 [Info] [3412] Set cpu success 2026-03-14 08:55:07 [Info] [3412] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5 2026-03-14 08:55:07 [Info] [3412] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5 2026-03-14 08:55:07 [Info] [3412] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 08:55:08 [Info] [3412] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 08:55:08 [Info] [3412] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5, http code : 200, curl ret : 0 2026-03-14 08:55:08 [Info] [3412] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5 2026-03-14 08:55:08 [Info] [3412] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-14 08:55:08 [Info] [3412] Prepare stage1: --windows-process-check 2026-03-14 08:55:08 [Info] [3412] Prepare stage2 2026-03-14 08:55:19 [Info] [3412] log memory size is 30720KB, real memory size is 20484KB 2026-03-14 08:55:27 [Info] [3412] stage3: --windows-process-check 2026-03-14 08:55:27 [Info] [3412] Loader after check 2026-03-14 08:55:28 [Info] [3412] Enter reuse wait state. 2026-03-14 08:55:33 [Info] [3412] recvmsg: EXIT 2026-03-14 08:55:33 [Info] [3412] Recv Exit Msg, Exit... 2026-03-14 09:08:10 [Info] [2932] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 09:08:10 [Info] [2932] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap250961773450490 2026-03-14 09:08:10 [Info] [2932] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 09:08:10 [Info] [2932] Resource monitor start 2026-03-14 09:08:10 [Info] [2932] ipc client init success 2026-03-14 09:08:10 [Info] [2932] Ipc init: 0 2026-03-14 09:08:10 [Info] [2932] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 09:08:10 [Info] [2932] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 09:08:10 [Info] [2932] start ipc thread id[4628] 2026-03-14 09:08:10 [Info] [2932] Connect Yundun ipc server return state is 0 2026-03-14 09:08:10 [Info] [2932] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 09:08:10 [Info] [2932] CResourceMonitor::run Enter 2026-03-14 09:08:10 [Info] [2932] CIpcMsgHandlerMgr::run Enter 2026-03-14 09:08:10 [Info] [2932] Report thread 2026-03-14 09:08:10 [Info] [2932] Monitor thread 2026-03-14 09:08:10 [Info] [2932] Loader thread 2026-03-14 09:08:10 [Info] [2932] PythonEngineImpl Init... 2026-03-14 09:08:10 [Info] [2932] yundun connected 2026-03-14 09:08:11 [Info] [2932] recvmsg: HELLO 2026-03-14 09:08:11 [Info] [2932] recvmsg: WORK 2026-03-14 09:08:11 [Info] [2932] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 09:08:11 [Info] [2932] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 09:08:11 [Info] [2932] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 09:08:11 [Info] [2932] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 09:08:12 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 09:08:12 [Info] [2932] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 09:08:12 [Info] [2932] log fd cnt is [250], real fd cnt is [281] 2026-03-14 09:08:13 [Info] [2932] log memory size is 20480KB, real memory size is 14532KB 2026-03-14 09:08:13 [Info] [2932] item: --sca 2026-03-14 09:08:13 [Info] [2932] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-03-14 09:08:13 [Info] [2932] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-03-14 09:08:13 [Info] [2932] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca.py 2026-03-14 09:08:13 [Info] [2932] start do http get request for update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca.py 2026-03-14 09:08:13 [Info] [2932] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca.py.md5 2026-03-14 09:08:13 [Info] [2932] start do http get request for aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca.py.md5 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca.py.md5, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca.py, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca.py 2026-03-14 09:08:14 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py 2026-03-14 09:08:14 [Info] [2932] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_utils.py 2026-03-14 09:08:14 [Info] [2932] start do http get request for update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_utils.py 2026-03-14 09:08:14 [Info] [2932] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_utils.py.md5 2026-03-14 09:08:14 [Info] [2932] start do http get request for aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_utils.py.md5 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_utils.py.md5, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_utils.py, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_utils.py 2026-03-14 09:08:14 [Info] [2932] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_common_proc.py 2026-03-14 09:08:14 [Info] [2932] start do http get request for update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_common_proc.py 2026-03-14 09:08:14 [Info] [2932] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_common_proc.py.md5 2026-03-14 09:08:14 [Info] [2932] start do http get request for aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_common_proc.py.md5 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_common_proc.py.md5, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_common_proc.py, http code : 200, curl ret : 0 2026-03-14 09:08:14 [Info] [2932] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_common_proc.py 2026-03-14 09:08:15 [Info] [2932] start DownLoadBuffer update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_java_proc.py 2026-03-14 09:08:15 [Info] [2932] start do http get request for update.aegis.aliyun.com/rtap_file/official/release/win32/plugin/sca_java_proc.py 2026-03-14 09:08:15 [Info] [2932] start DownLoadBuffer aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_java_proc.py.md5 2026-03-14 09:08:15 [Info] [2932] start do http get request for aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_java_proc.py.md5 2026-03-14 09:08:15 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_java_proc.py.md5, http code : 200, curl ret : 0 2026-03-14 09:08:15 [Info] [2932] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/sca_java_proc.py, http code : 200, curl ret : 0 2026-03-14 09:08:15 [Info] [2932] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/plugin/sca_java_proc.py 2026-03-14 09:08:15 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py 2026-03-14 09:08:15 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py 2026-03-14 09:08:15 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py 2026-03-14 09:08:15 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py 2026-03-14 09:08:15 [Info] [2932] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py 2026-03-14 09:08:15 [Info] [2932] Download redirect files success. 2026-03-14 09:08:15 [Info] [2932] Prepare stage1: --sca 2026-03-14 09:08:15 [Info] [2932] Prepare stage2 2026-03-14 09:08:16 [Warn] [2932] high cpu, cpu is 17 2026-03-14 09:08:16 [Info] [2932] try get sys version 2026-03-14 09:08:16 [Info] [2932] win sys info:2/10:0:3 2026-03-14 09:08:16 [Info] [2932] suit legal version, enable cpu control 2026-03-14 09:08:16 [Warn] [2932] High CPU Warning: 17 2026-03-14 09:08:16 [Warn] [2932] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:sca_utils.py line: 69 in func: <module> File:sca.py line: 44 in func: <module> 2026-03-14 09:08:17 [Info] [2932] log memory size is 30720KB, real memory size is 32996KB 2026-03-14 09:08:21 [Info] [2932] log memory size is 40960KB, real memory size is 32984KB 2026-03-14 09:08:26 [Info] [2932] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-14 09:09:11 [Warn] [2932] high cpu, cpu is 24 2026-03-14 09:09:11 [Warn] [2932] High CPU Warning: 24 2026-03-14 09:09:11 [Warn] [2932] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: 2026-03-14 09:09:13 [Info] [2932] log fd cnt is [300], real fd cnt is [375] 2026-03-14 09:09:14 [Info] [2932] stage3: --sca 2026-03-14 09:09:14 [Info] [2932] Loader after check 2026-03-14 09:09:15 [Info] [2932] Enter reuse wait state. 2026-03-14 09:09:19 [Info] [2932] recvmsg: EXIT 2026-03-14 09:09:19 [Info] [2932] Recv Exit Msg, Exit... 2026-03-14 10:32:39 [Info] [1480] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 10:32:39 [Info] [1480] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap88821773455559 2026-03-14 10:32:39 [Info] [1480] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 10:32:39 [Info] [1480] Resource monitor start 2026-03-14 10:32:39 [Info] [1480] ipc client init success 2026-03-14 10:32:39 [Info] [1480] Ipc init: 0 2026-03-14 10:32:39 [Info] [1480] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 10:32:39 [Info] [1480] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 10:32:39 [Info] [1480] start ipc thread id[92] 2026-03-14 10:32:39 [Info] [1480] Connect Yundun ipc server return state is 0 2026-03-14 10:32:39 [Info] [1480] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 10:32:39 [Info] [1480] CResourceMonitor::run Enter 2026-03-14 10:32:39 [Info] [1480] CIpcMsgHandlerMgr::run Enter 2026-03-14 10:32:39 [Info] [1480] Report thread 2026-03-14 10:32:39 [Info] [1480] Monitor thread 2026-03-14 10:32:39 [Info] [1480] Loader thread 2026-03-14 10:32:39 [Info] [1480] PythonEngineImpl Init... 2026-03-14 10:32:39 [Info] [1480] yundun connected 2026-03-14 10:32:40 [Info] [1480] recvmsg: HELLO 2026-03-14 10:32:40 [Info] [1480] recvmsg: WORK 2026-03-14 10:32:40 [Info] [1480] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:32:40 [Info] [1480] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:32:40 [Info] [1480] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:32:40 [Info] [1480] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:32:40 [Info] [1480] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 10:32:40 [Info] [1480] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 10:32:40 [Info] [1480] log fd cnt is [250], real fd cnt is [281] 2026-03-14 10:32:41 [Info] [1480] log memory size is 20480KB, real memory size is 14572KB 2026-03-14 10:32:41 [Info] [1480] item: --windows-registry-check 2026-03-14 10:32:41 [Info] [1480] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-03-14 10:32:41 [Info] [1480] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5 2026-03-14 10:32:41 [Info] [1480] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:32:42 [Info] [1480] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:32:42 [Info] [1480] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0 2026-03-14 10:32:42 [Info] [1480] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5 2026-03-14 10:32:42 [Info] [1480] Prepare stage1: --windows-registry-check 2026-03-14 10:32:42 [Info] [1480] Prepare stage2 2026-03-14 10:33:05 [Info] [1480] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-14 10:33:11 [Info] [1480] stage3: --windows-registry-check 2026-03-14 10:33:11 [Info] [1480] Loader after check 2026-03-14 10:33:12 [Info] [1480] Enter reuse wait state. 2026-03-14 10:33:15 [Info] [1480] recvmsg: EXIT 2026-03-14 10:33:15 [Info] [1480] Recv Exit Msg, Exit... 2026-03-14 10:33:39 [Info] [3984] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 10:33:39 [Info] [3984] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap90781773455619 2026-03-14 10:33:39 [Info] [3984] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 10:33:39 [Info] [3984] Resource monitor start 2026-03-14 10:33:39 [Info] [3984] ipc client init success 2026-03-14 10:33:39 [Info] [3984] Ipc init: 0 2026-03-14 10:33:39 [Info] [3984] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 10:33:39 [Info] [3984] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 10:33:39 [Info] [3984] start ipc thread id[4108] 2026-03-14 10:33:39 [Info] [3984] Connect Yundun ipc server return state is 0 2026-03-14 10:33:39 [Info] [3984] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 10:33:39 [Info] [3984] CResourceMonitor::run Enter 2026-03-14 10:33:39 [Info] [3984] CIpcMsgHandlerMgr::run Enter 2026-03-14 10:33:39 [Info] [3984] Report thread 2026-03-14 10:33:39 [Info] [3984] Monitor thread 2026-03-14 10:33:39 [Info] [3984] Loader thread 2026-03-14 10:33:39 [Info] [3984] PythonEngineImpl Init... 2026-03-14 10:33:39 [Info] [3984] yundun connected 2026-03-14 10:33:39 [Info] [3984] recvmsg: HELLO 2026-03-14 10:33:39 [Info] [3984] recvmsg: WORK 2026-03-14 10:33:40 [Info] [3984] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:33:40 [Info] [3984] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:33:40 [Info] [3984] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:33:40 [Info] [3984] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:33:40 [Info] [3984] log fd cnt is [250], real fd cnt is [282] 2026-03-14 10:33:40 [Info] [3984] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 10:33:40 [Info] [3984] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 10:33:41 [Info] [3984] log memory size is 20480KB, real memory size is 14508KB 2026-03-14 10:33:41 [Info] [3984] item: --windows-driver-version-check 2026-03-14 10:33:41 [Info] [3984] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-03-14 10:33:41 [Info] [3984] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5 2026-03-14 10:33:41 [Info] [3984] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:33:41 [Info] [3984] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:33:41 [Info] [3984] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0 2026-03-14 10:33:41 [Info] [3984] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5 2026-03-14 10:33:42 [Info] [3984] Prepare stage1: --windows-driver-version-check 2026-03-14 10:33:42 [Info] [3984] Prepare stage2 2026-03-14 10:33:42 [Info] [3984] stage3: --windows-driver-version-check 2026-03-14 10:33:42 [Info] [3984] Loader after check 2026-03-14 10:33:43 [Info] [3984] Enter reuse wait state. 2026-03-14 10:33:47 [Info] [3984] recvmsg: EXIT 2026-03-14 10:33:47 [Info] [3984] Recv Exit Msg, Exit... 2026-03-14 10:43:35 [Info] [4648] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 10:43:35 [Info] [4648] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap110241773456215 2026-03-14 10:43:35 [Info] [4648] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 10:43:35 [Info] [4648] Resource monitor start 2026-03-14 10:43:35 [Info] [4648] ipc client init success 2026-03-14 10:43:35 [Info] [4648] Ipc init: 0 2026-03-14 10:43:35 [Info] [4648] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 10:43:35 [Info] [4648] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 10:43:35 [Info] [4648] start ipc thread id[3928] 2026-03-14 10:43:35 [Info] [4648] Connect Yundun ipc server return state is 0 2026-03-14 10:43:35 [Info] [4648] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 10:43:35 [Info] [4648] CResourceMonitor::run Enter 2026-03-14 10:43:35 [Info] [4648] CIpcMsgHandlerMgr::run Enter 2026-03-14 10:43:35 [Info] [4648] Report thread 2026-03-14 10:43:35 [Info] [4648] Monitor thread 2026-03-14 10:43:35 [Info] [4648] Loader thread 2026-03-14 10:43:35 [Info] [4648] PythonEngineImpl Init... 2026-03-14 10:43:35 [Info] [4648] yundun connected 2026-03-14 10:43:35 [Info] [4648] recvmsg: HELLO 2026-03-14 10:43:35 [Info] [4648] recvmsg: WORK 2026-03-14 10:43:35 [Info] [4648] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:43:35 [Info] [4648] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 10:43:35 [Info] [4648] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:43:36 [Info] [4648] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:43:36 [Info] [4648] log fd cnt is [250], real fd cnt is [282] 2026-03-14 10:43:36 [Info] [4648] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 10:43:36 [Info] [4648] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 10:43:37 [Info] [4648] log memory size is 20480KB, real memory size is 14516KB 2026-03-14 10:43:37 [Info] [4648] item: --windows-schedule-task-check 2026-03-14 10:43:37 [Info] [4648] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-03-14 10:43:37 [Info] [4648] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5 2026-03-14 10:43:37 [Info] [4648] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 10:43:37 [Info] [4648] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 10:43:38 [Info] [4648] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0 2026-03-14 10:43:38 [Info] [4648] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5 2026-03-14 10:43:38 [Info] [4648] Prepare stage1: --windows-schedule-task-check 2026-03-14 10:43:38 [Info] [4648] Prepare stage2 2026-03-14 10:43:41 [Info] [4648] log memory size is 30720KB, real memory size is 23164KB 2026-03-14 10:44:07 [Info] [4648] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-14 10:44:09 [Info] [4648] stage3: --windows-schedule-task-check 2026-03-14 10:44:09 [Info] [4648] Loader after check 2026-03-14 10:44:10 [Info] [4648] Enter reuse wait state. 2026-03-14 10:44:15 [Info] [4648] recvmsg: EXIT 2026-03-14 10:44:15 [Info] [4648] Recv Exit Msg, Exit... 2026-03-14 11:15:44 [Info] [2096] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 11:15:44 [Info] [2096] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap173231773458144 2026-03-14 11:15:44 [Info] [2096] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 11:15:44 [Info] [2096] Resource monitor start 2026-03-14 11:15:44 [Info] [2096] ipc client init success 2026-03-14 11:15:44 [Info] [2096] Ipc init: 0 2026-03-14 11:15:44 [Info] [2096] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 11:15:44 [Info] [2096] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 11:15:44 [Info] [2096] start ipc thread id[5108] 2026-03-14 11:15:44 [Info] [2096] Connect Yundun ipc server return state is 0 2026-03-14 11:15:44 [Info] [2096] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 11:15:44 [Info] [2096] CResourceMonitor::run Enter 2026-03-14 11:15:44 [Info] [2096] CIpcMsgHandlerMgr::run Enter 2026-03-14 11:15:44 [Info] [2096] Report thread 2026-03-14 11:15:44 [Info] [2096] Monitor thread 2026-03-14 11:15:44 [Info] [2096] Loader thread 2026-03-14 11:15:44 [Info] [2096] PythonEngineImpl Init... 2026-03-14 11:15:44 [Info] [2096] yundun connected 2026-03-14 11:15:45 [Info] [2096] recvmsg: HELLO 2026-03-14 11:15:45 [Info] [2096] recvmsg: WORK 2026-03-14 11:15:45 [Info] [2096] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 11:15:45 [Info] [2096] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 11:15:45 [Info] [2096] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 11:15:45 [Info] [2096] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 11:15:45 [Info] [2096] log fd cnt is [250], real fd cnt is [282] 2026-03-14 11:15:45 [Info] [2096] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 11:15:45 [Info] [2096] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 11:15:46 [Info] [2096] log memory size is 20480KB, real memory size is 14592KB 2026-03-14 11:15:46 [Info] [2096] item: --windows-autorun-item-check 2026-03-14 11:15:46 [Info] [2096] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-03-14 11:15:46 [Info] [2096] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5 2026-03-14 11:15:46 [Info] [2096] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 11:15:46 [Info] [2096] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 11:15:47 [Info] [2096] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0 2026-03-14 11:15:47 [Info] [2096] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5 2026-03-14 11:15:47 [Info] [2096] Prepare stage1: --windows-autorun-item-check 2026-03-14 11:15:47 [Info] [2096] Prepare stage2 2026-03-14 11:15:50 [Info] [2096] log memory size is 30720KB, real memory size is 22288KB 2026-03-14 11:15:57 [Info] [2096] stage3: --windows-autorun-item-check 2026-03-14 11:15:57 [Info] [2096] Loader after check 2026-03-14 11:15:58 [Info] [2096] Enter reuse wait state. 2026-03-14 11:16:00 [Info] [2096] recvmsg: EXIT 2026-03-14 11:16:00 [Info] [2096] Recv Exit Msg, Exit... 2026-03-14 11:40:55 [Info] [4416] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 11:40:55 [Info] [4416] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap222571773459655 2026-03-14 11:40:55 [Info] [4416] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 11:40:55 [Info] [4416] Resource monitor start 2026-03-14 11:40:55 [Info] [4416] ipc client init success 2026-03-14 11:40:55 [Info] [4416] Ipc init: 0 2026-03-14 11:40:55 [Info] [4416] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 11:40:55 [Info] [4416] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 11:40:55 [Info] [4416] start ipc thread id[1400] 2026-03-14 11:40:55 [Info] [4416] Connect Yundun ipc server return state is 0 2026-03-14 11:40:55 [Info] [4416] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 11:40:55 [Info] [4416] CResourceMonitor::run Enter 2026-03-14 11:40:55 [Info] [4416] CIpcMsgHandlerMgr::run Enter 2026-03-14 11:40:55 [Info] [4416] yundun connected 2026-03-14 11:40:55 [Info] [4416] Report thread 2026-03-14 11:40:55 [Info] [4416] Monitor thread 2026-03-14 11:40:55 [Info] [4416] Loader thread 2026-03-14 11:40:55 [Info] [4416] PythonEngineImpl Init... 2026-03-14 11:40:55 [Info] [4416] recvmsg: HELLO 2026-03-14 11:40:55 [Info] [4416] recvmsg: WORK 2026-03-14 11:40:55 [Info] [4416] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 11:40:55 [Info] [4416] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 11:40:55 [Info] [4416] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 11:40:56 [Info] [4416] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 11:40:56 [Info] [4416] log fd cnt is [250], real fd cnt is [282] 2026-03-14 11:40:56 [Info] [4416] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 11:40:56 [Info] [4416] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 11:40:57 [Info] [4416] log memory size is 20480KB, real memory size is 14512KB 2026-03-14 11:40:57 [Info] [4416] item: --tcp-connect-check 2026-03-14 11:40:57 [Info] [4416] cgroup name aegisRtap0 2026-03-14 11:40:57 [Info] [4416] try get sys version 2026-03-14 11:40:57 [Info] [4416] win sys info:2/10:0:3 2026-03-14 11:40:57 [Info] [4416] suit legal version, enable cpu control 2026-03-14 11:40:57 [Info] [4416] get AssignProcessToJobObject handle [00000478] 2026-03-14 11:40:57 [Info] [4416] Set setJobExtended. 2026-03-14 11:40:57 [Info] [4416] Set cpu [9%] 2026-03-14 11:40:57 [Info] [4416] Set cpu success 2026-03-14 11:40:57 [Info] [4416] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-03-14 11:40:57 [Info] [4416] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5 2026-03-14 11:40:57 [Info] [4416] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 11:40:57 [Info] [4416] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 11:40:57 [Info] [4416] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0 2026-03-14 11:40:57 [Info] [4416] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5 2026-03-14 11:40:58 [Info] [4416] Prepare stage1: --tcp-connect-check 2026-03-14 11:40:58 [Info] [4416] Prepare stage2 2026-03-14 11:41:01 [Info] [4416] stage3: --tcp-connect-check 2026-03-14 11:41:01 [Info] [4416] Loader after check 2026-03-14 11:41:02 [Info] [4416] Enter reuse wait state. 2026-03-14 11:41:06 [Info] [4416] recvmsg: EXIT 2026-03-14 11:41:06 [Info] [4416] Recv Exit Msg, Exit... 2026-03-14 12:41:21 [Info] [864] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 12:41:21 [Info] [864] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap12951773463270 2026-03-14 12:41:21 [Info] [864] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 12:41:26 [Info] [864] Resource monitor start 2026-03-14 12:41:26 [Info] [864] ipc client init success 2026-03-14 12:41:26 [Info] [864] Ipc init: 0 2026-03-14 12:41:26 [Info] [864] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 12:41:26 [Info] [864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 12:41:26 [Info] [864] start ipc thread id[1388] 2026-03-14 12:41:26 [Info] [864] Connect Yundun ipc server return state is 0 2026-03-14 12:41:32 [Info] [864] Monitor thread 2026-03-14 12:41:32 [Info] [864] Report thread 2026-03-14 12:41:32 [Info] [864] yundun connected 2026-03-14 12:41:32 [Info] [864] CIpcMsgHandlerMgr::run Enter 2026-03-14 12:41:32 [Info] [864] CResourceMonitor::run Enter 2026-03-14 12:41:32 [Info] [864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 12:41:32 [Info] [864] recvmsg: HELLO 2026-03-14 12:41:32 [Info] [864] recvmsg: WORK 2026-03-14 12:41:33 [Info] [864] log fd cnt is [250], real fd cnt is [251] 2026-03-14 12:41:35 [Info] [864] Loader thread 2026-03-14 12:41:35 [Info] [864] PythonEngineImpl Init... 2026-03-14 12:41:35 [Info] [864] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 12:41:35 [Info] [864] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 12:41:35 [Info] [864] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 12:41:35 [Info] [864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 12:41:36 [Info] [864] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 12:41:36 [Info] [864] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 12:41:37 [Info] [864] item: --windows-sysinfoext-check 2026-03-14 12:41:37 [Info] [864] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 12:41:37 [Info] [864] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 12:41:37 [Info] [864] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 12:41:37 [Info] [864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 12:41:37 [Info] [864] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-14 12:41:37 [Info] [864] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 12:41:37 [Info] [864] Prepare stage1: --windows-sysinfoext-check 2026-03-14 12:41:37 [Info] [864] Prepare stage2 2026-03-14 12:41:38 [Info] [864] log memory size is 20480KB, real memory size is 22792KB 2026-03-14 12:41:40 [Info] [864] stage3: --windows-sysinfoext-check 2026-03-14 12:41:40 [Info] [864] Loader after check 2026-03-14 12:41:41 [Info] [864] Enter reuse wait state. 2026-03-14 12:41:42 [Info] [864] log memory size is 30720KB, real memory size is 23008KB 2026-03-14 12:41:46 [Info] [864] recvmsg: EXIT 2026-03-14 12:41:46 [Info] [864] Recv Exit Msg, Exit... 2026-03-14 18:11:28 [Info] [1500] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 18:11:28 [Info] [1500] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap4171773483070 2026-03-14 18:11:28 [Info] [1500] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 18:11:28 [Info] [1500] Resource monitor start 2026-03-14 18:11:28 [Info] [1500] ipc client init success 2026-03-14 18:11:28 [Info] [1500] Ipc init: 0 2026-03-14 18:11:28 [Info] [1500] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 18:11:28 [Info] [1500] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 18:11:35 [Info] [1500] CIpcMsgHandlerMgr::run Enter 2026-03-14 18:11:35 [Info] [1500] CResourceMonitor::run Enter 2026-03-14 18:11:35 [Info] [1500] start ipc thread id[4596] 2026-03-14 18:11:35 [Info] [1500] Connect Yundun ipc server return state is 0 2026-03-14 18:11:35 [Info] [1500] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 18:11:36 [Info] [1500] log fd cnt is [250], real fd cnt is [243] 2026-03-14 18:11:39 [Warn] [1500] try connect yundun... 2026-03-14 18:11:39 [Info] [1500] waiting response 2026-03-14 18:11:39 [Info] [1500] Connect Yundun ipc server return state is 0 2026-03-14 18:11:41 [Info] [1500] Loader thread 2026-03-14 18:11:41 [Info] [1500] PythonEngineImpl Init... 2026-03-14 18:11:41 [Info] [1500] Monitor thread 2026-03-14 18:11:41 [Info] [1500] Report thread 2026-03-14 18:11:41 [Info] [1500] yundun connected 2026-03-14 18:11:41 [Info] [1500] log memory size is 20480KB, real memory size is 12756KB 2026-03-14 18:11:41 [Info] [1500] recvmsg: HELLO 2026-03-14 18:11:41 [Info] [1500] recvmsg: WORK 2026-03-14 18:11:42 [Info] [1500] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 18:11:42 [Info] [1500] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 18:11:42 [Info] [1500] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 18:11:42 [Info] [1500] recvmsg: T_MSG_IPC_NETWORK_NOTIFY 2026-03-14 18:11:52 [Warn] [1500] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28 2026-03-14 18:12:02 [Warn] [1500] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28 2026-03-14 18:12:02 [Info] [1500] http request success : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 18:12:02 [Info] [1500] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 18:12:02 [Info] [1500] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 18:12:03 [Info] [1500] item: --windows-sysinfoext-check 2026-03-14 18:12:03 [Info] [1500] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 18:12:03 [Info] [1500] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 18:12:03 [Info] [1500] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 18:12:04 [Info] [1500] http request success : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 18:12:04 [Info] [1500] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-14 18:12:04 [Info] [1500] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 18:12:04 [Info] [1500] Prepare stage1: --windows-sysinfoext-check 2026-03-14 18:12:04 [Info] [1500] Prepare stage2 2026-03-14 18:12:04 [Warn] [1500] high cpu, cpu is 18 2026-03-14 18:12:04 [Info] [1500] try get sys version 2026-03-14 18:12:04 [Info] [1500] win sys info:2/10:0:3 2026-03-14 18:12:04 [Info] [1500] suit legal version, enable cpu control 2026-03-14 18:12:04 [Warn] [1500] High CPU Warning: 18 2026-03-14 18:12:05 [Warn] [1500] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: 2026-03-14 18:12:06 [Info] [1500] stage3: --windows-sysinfoext-check 2026-03-14 18:12:06 [Info] [1500] Loader after check 2026-03-14 18:12:06 [Info] [1500] log memory size is 30720KB, real memory size is 22928KB 2026-03-14 18:12:07 [Info] [1500] Enter reuse wait state. 2026-03-14 18:12:09 [Info] [1500] recvmsg: EXIT 2026-03-14 18:12:09 [Info] [1500] Recv Exit Msg, Exit... 2026-03-14 18:18:00 [Info] [1264] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 18:18:00 [Info] [1264] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap17561773483480 2026-03-14 18:18:00 [Info] [1264] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 18:18:00 [Info] [1264] Resource monitor start 2026-03-14 18:18:00 [Info] [1264] ipc client init success 2026-03-14 18:18:00 [Info] [1264] Ipc init: 0 2026-03-14 18:18:00 [Info] [1264] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 18:18:00 [Info] [1264] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 18:18:00 [Info] [1264] start ipc thread id[1520] 2026-03-14 18:18:00 [Info] [1264] Connect Yundun ipc server return state is 0 2026-03-14 18:18:00 [Info] [1264] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 18:18:00 [Info] [1264] CResourceMonitor::run Enter 2026-03-14 18:18:00 [Info] [1264] CIpcMsgHandlerMgr::run Enter 2026-03-14 18:18:00 [Info] [1264] Report thread 2026-03-14 18:18:00 [Info] [1264] Monitor thread 2026-03-14 18:18:00 [Info] [1264] Loader thread 2026-03-14 18:18:00 [Info] [1264] PythonEngineImpl Init... 2026-03-14 18:18:00 [Info] [1264] yundun connected 2026-03-14 18:18:00 [Info] [1264] recvmsg: HELLO 2026-03-14 18:18:00 [Info] [1264] recvmsg: WORK 2026-03-14 18:18:00 [Info] [1264] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 18:18:00 [Info] [1264] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 18:18:00 [Info] [1264] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 18:18:01 [Info] [1264] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 18:18:01 [Info] [1264] log fd cnt is [250], real fd cnt is [282] 2026-03-14 18:18:01 [Info] [1264] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 18:18:01 [Info] [1264] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 18:18:02 [Info] [1264] log memory size is 20480KB, real memory size is 14524KB 2026-03-14 18:18:02 [Info] [1264] item: --windows-vul-check 2026-03-14 18:18:02 [Info] [1264] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-03-14 18:18:02 [Info] [1264] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-03-14 18:18:02 [Info] [1264] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/windows-vul-check.py 2026-03-14 18:18:02 [Info] [1264] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py 2026-03-14 18:18:02 [Info] [1264] Download redirect files success. 2026-03-14 18:18:02 [Info] [1264] Prepare stage1: --windows-vul-check 2026-03-14 18:18:02 [Info] [1264] Prepare stage2 2026-03-14 18:18:02 [Info] [1264] start DownLoadBuffer update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat 2026-03-14 18:18:02 [Info] [1264] start do http get request for update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat 2026-03-14 18:18:02 [Info] [1264] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 18:18:02 [Info] [1264] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 18:18:03 [Warn] [1264] high cpu, cpu is 17 2026-03-14 18:18:03 [Info] [1264] try get sys version 2026-03-14 18:18:03 [Info] [1264] win sys info:2/10:0:3 2026-03-14 18:18:03 [Info] [1264] suit legal version, enable cpu control 2026-03-14 18:18:03 [Warn] [1264] High CPU Warning: 17 2026-03-14 18:18:03 [Info] [1264] start DownLoadBuffer aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5 2026-03-14 18:18:03 [Info] [1264] start do http get request for aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5 2026-03-14 18:18:03 [Info] [1264] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5, http code : 200, curl ret : 0 2026-03-14 18:18:03 [Info] [1264] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat, http code : 200, curl ret : 0 2026-03-14 18:18:03 [Info] [1264] http download from redirect url success with https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat 2026-03-14 18:18:03 [Info] [1264] DownLoadFile ok C:\Program Files (x86)\Alibaba\Aegis\aegis_client\aegis_12_80\rule\vuldata_v2.dat 2026-03-14 18:18:03 [Warn] [1264] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:aegis_plugin_util.py line: 250 in func: __download_by_extension_interface File:aegis_plugin_util.py line: 386 in func: download_aegis_file File:windows-vul-check.py line: 370 in func: update_local_rule File:windows-vul-check.py line: 982 in func: start 2026-03-14 18:18:03 [Info] [1264] stage3: --windows-vul-check 2026-03-14 18:18:03 [Info] [1264] Loader after check 2026-03-14 18:18:04 [Info] [1264] Enter reuse wait state. 2026-03-14 18:18:06 [Info] [1264] log memory size is 30720KB, real memory size is 23256KB 2026-03-14 18:18:07 [Info] [1264] recvmsg: EXIT 2026-03-14 18:18:07 [Info] [1264] Recv Exit Msg, Exit... 2026-03-14 19:08:55 [Info] [572] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 19:08:55 [Info] [572] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap117321773486535 2026-03-14 19:08:55 [Info] [572] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 19:08:55 [Info] [572] Resource monitor start 2026-03-14 19:08:55 [Info] [572] ipc client init success 2026-03-14 19:08:55 [Info] [572] Ipc init: 0 2026-03-14 19:08:55 [Info] [572] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 19:08:55 [Info] [572] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 19:08:55 [Info] [572] start ipc thread id[4376] 2026-03-14 19:08:55 [Info] [572] Connect Yundun ipc server return state is 0 2026-03-14 19:08:55 [Info] [572] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 19:08:55 [Info] [572] CResourceMonitor::run Enter 2026-03-14 19:08:55 [Info] [572] CIpcMsgHandlerMgr::run Enter 2026-03-14 19:08:55 [Info] [572] Report thread 2026-03-14 19:08:55 [Info] [572] Monitor thread 2026-03-14 19:08:55 [Info] [572] Loader thread 2026-03-14 19:08:55 [Info] [572] PythonEngineImpl Init... 2026-03-14 19:08:55 [Info] [572] yundun connected 2026-03-14 19:08:56 [Info] [572] recvmsg: HELLO 2026-03-14 19:08:56 [Info] [572] recvmsg: WORK 2026-03-14 19:08:56 [Info] [572] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 19:08:56 [Info] [572] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 19:08:56 [Info] [572] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 19:08:56 [Info] [572] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 19:08:56 [Info] [572] log fd cnt is [250], real fd cnt is [282] 2026-03-14 19:08:56 [Info] [572] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 19:08:56 [Info] [572] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 19:08:57 [Info] [572] log memory size is 20480KB, real memory size is 14520KB 2026-03-14 19:08:57 [Info] [572] item: --secnet_rasp_agent 2026-03-14 19:08:57 [Info] [572] start post buffer update.aegis.aliyun.com/file_policy/rtap_files 2026-03-14 19:08:58 [Info] [572] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py 2026-03-14 19:08:58 [Info] [572] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py 2026-03-14 19:08:58 [Info] [572] Download redirect files success. 2026-03-14 19:08:58 [Info] [572] Prepare stage1: --secnet_rasp_agent 2026-03-14 19:08:58 [Info] [572] Prepare stage2 2026-03-14 19:08:58 [Warn] [572] high cpu, cpu is 13 2026-03-14 19:08:58 [Info] [572] try get sys version 2026-03-14 19:08:58 [Info] [572] win sys info:2/10:0:3 2026-03-14 19:08:58 [Info] [572] suit legal version, enable cpu control 2026-03-14 19:08:58 [Warn] [572] High CPU Warning: 13 2026-03-14 19:08:58 [Info] [572] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-14 19:08:58 [Info] [572] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-14 19:08:58 [Info] [572] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 19:08:58 [Warn] [572] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1 script trace back: File:subprocess.py line: 125 in func: _eintr_retry_call File:subprocess.py line: 475 in func: communicate File:subprocess.py line: 217 in func: check_output File:secnet_rasp_agent_lib.py line: 55 in func: read_host_uuid File:secnet_rasp_agent.py line: 218 in func: main File:secnet_rasp_agent.py line: 240 in func: start 2026-03-14 19:08:59 [Info] [572] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 19:08:59 [Info] [572] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0 2026-03-14 19:08:59 [Info] [572] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update 2026-03-14 19:08:59 [Info] [572] stage3: --secnet_rasp_agent 2026-03-14 19:08:59 [Info] [572] Loader after check 2026-03-14 19:09:00 [Info] [572] Enter reuse wait state. 2026-03-14 19:09:02 [Info] [572] log memory size is 30720KB, real memory size is 21096KB 2026-03-14 19:09:03 [Info] [572] recvmsg: EXIT 2026-03-14 19:09:03 [Info] [572] Recv Exit Msg, Exit... 2026-03-14 23:40:47 [Info] [1892] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37==================== 2026-03-14 23:40:47 [Info] [1892] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap321871773502833 2026-03-14 23:40:47 [Info] [1892] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis 2026-03-14 23:40:47 [Info] [1892] Resource monitor start 2026-03-14 23:40:47 [Info] [1892] ipc client init success 2026-03-14 23:40:47 [Info] [1892] Ipc init: 0 2026-03-14 23:40:47 [Info] [1892] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl 2026-03-14 23:40:47 [Info] [1892] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll 2026-03-14 23:40:47 [Info] [1892] start ipc thread id[3788] 2026-03-14 23:40:47 [Info] [1892] Connect Yundun ipc server return state is 0 2026-03-14 23:40:47 [Info] [1892] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll 2026-03-14 23:40:47 [Info] [1892] CResourceMonitor::run Enter 2026-03-14 23:40:47 [Info] [1892] CIpcMsgHandlerMgr::run Enter 2026-03-14 23:40:47 [Info] [1892] yundun connected 2026-03-14 23:40:47 [Info] [1892] Report thread 2026-03-14 23:40:47 [Info] [1892] Monitor thread 2026-03-14 23:40:47 [Info] [1892] Loader thread 2026-03-14 23:40:47 [Info] [1892] PythonEngineImpl Init... 2026-03-14 23:40:47 [Info] [1892] recvmsg: HELLO 2026-03-14 23:40:47 [Info] [1892] recvmsg: WORK 2026-03-14 23:40:48 [Info] [1892] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 23:40:48 [Info] [1892] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5 2026-03-14 23:40:48 [Info] [1892] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 23:40:48 [Info] [1892] log fd cnt is [250], real fd cnt is [264] 2026-03-14 23:40:48 [Info] [1892] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 23:40:49 [Info] [1892] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0 2026-03-14 23:40:49 [Info] [1892] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5 2026-03-14 23:40:49 [Info] [1892] log memory size is 20480KB, real memory size is 14584KB 2026-03-14 23:40:50 [Info] [1892] item: --windows-sysinfoext-check 2026-03-14 23:40:50 [Info] [1892] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 23:40:50 [Info] [1892] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 23:40:50 [Info] [1892] start post buffer update.aegis.aliyun.com/file_policy/file 2026-03-14 23:40:50 [Info] [1892] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0 2026-03-14 23:40:50 [Info] [1892] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0 2026-03-14 23:40:50 [Info] [1892] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5 2026-03-14 23:40:50 [Info] [1892] Prepare stage1: --windows-sysinfoext-check 2026-03-14 23:40:50 [Info] [1892] Prepare stage2 2026-03-14 23:40:52 [Info] [1892] stage3: --windows-sysinfoext-check 2026-03-14 23:40:52 [Info] [1892] Loader after check 2026-03-14 23:40:52 [Warn] [1892] high cpu, cpu is 13 2026-03-14 23:40:52 [Info] [1892] try get sys version 2026-03-14 23:40:52 [Info] [1892] win sys info:2/10:0:3 2026-03-14 23:40:52 [Info] [1892] suit legal version, enable cpu control 2026-03-14 23:40:52 [Warn] [1892] High CPU Warning: 13 2026-03-14 23:40:52 [Warn] [1892] resource monitor exp type: High CPU Warning, script runing: 0 2026-03-14 23:40:53 [Info] [1892] Enter reuse wait state. 2026-03-14 23:40:53 [Info] [1892] log memory size is 30720KB, real memory size is 22992KB 2026-03-14 23:40:58 [Info] [1892] recvmsg: EXIT 2026-03-14 23:40:58 [Info] [1892] Recv Exit Msg, Exit...