2026-03-02 07:56:04 [Info] [3808] Monitor thread
2026-03-02 07:56:04 [Info] [3808] Loader thread
2026-03-02 07:56:04 [Info] [3808] PythonEngineImpl Init...
2026-03-02 07:56:04 [Info] [3808] yundun connected
2026-03-02 07:56:05 [Info] [3808] recvmsg: HELLO
2026-03-02 07:56:05 [Info] [3808] recvmsg: WORK
2026-03-02 07:56:05 [Info] [3808] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 07:56:05 [Info] [3808] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 07:56:05 [Info] [3808] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 07:56:05 [Info] [3808] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 07:56:05 [Info] [3808] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 07:56:05 [Info] [3808] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 07:56:05 [Info] [3808] log fd cnt is [250], real fd cnt is [281]
2026-03-02 07:56:06 [Info] [3808] log memory size is 20480KB, real memory size is 14504KB
2026-03-02 07:56:06 [Info] [3808] item: --windows-vul-clean
2026-03-02 07:56:06 [Info] [3808] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-02 07:56:06 [Info] [3808] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-02 07:56:06 [Info] [3808] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 07:56:07 [Info] [3808] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 07:56:07 [Info] [3808] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5, http code : 200, curl ret : 0
2026-03-02 07:56:07 [Info] [3808] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5
2026-03-02 07:56:07 [Info] [3808] Prepare stage1: --windows-vul-clean
2026-03-02 07:56:07 [Info] [3808] Prepare stage2
2026-03-02 07:56:07 [Info] [3808] stage3: --windows-vul-clean
2026-03-02 07:56:07 [Info] [3808] Loader after check
2026-03-02 07:56:08 [Info] [3808] Enter reuse wait state.
2026-03-02 07:56:12 [Info] [3808] recvmsg: EXIT
2026-03-02 07:56:12 [Info] [3808] Recv Exit Msg, Exit...
2026-03-02 09:00:56 [Info] [1840] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 09:00:56 [Info] [1840] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap130271772413255 
2026-03-02 09:00:56 [Info] [1840] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 09:00:56 [Info] [1840] Resource monitor start
2026-03-02 09:00:56 [Info] [1840] ipc client init success
2026-03-02 09:00:56 [Info] [1840] Ipc init: 0
2026-03-02 09:00:56 [Info] [1840] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 09:00:56 [Info] [1840] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 09:00:56 [Info] [1840] CResourceMonitor::run Enter
2026-03-02 09:00:56 [Info] [1840] CIpcMsgHandlerMgr::run Enter
2026-03-02 09:00:56 [Info] [1840] start ipc thread id[1956]
2026-03-02 09:00:56 [Info] [1840] Connect Yundun ipc server return state is 0
2026-03-02 09:00:56 [Info] [1840] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 09:00:56 [Info] [1840] yundun connected
2026-03-02 09:00:56 [Info] [1840] Report thread
2026-03-02 09:00:56 [Info] [1840] Monitor thread
2026-03-02 09:00:56 [Info] [1840] Loader thread
2026-03-02 09:00:56 [Info] [1840] PythonEngineImpl Init...
2026-03-02 09:00:57 [Info] [1840] recvmsg: HELLO
2026-03-02 09:00:57 [Info] [1840] recvmsg: WORK
2026-03-02 09:00:57 [Info] [1840] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:00:57 [Info] [1840] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:00:57 [Info] [1840] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 09:00:57 [Info] [1840] log fd cnt is [250], real fd cnt is [282]
2026-03-02 09:00:57 [Info] [1840] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 09:00:57 [Info] [1840] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 09:00:57 [Info] [1840] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 09:00:58 [Info] [1840] log memory size is 20480KB, real memory size is 14628KB
2026-03-02 09:00:59 [Info] [1840] item: --windows-process-check
2026-03-02 09:00:59 [Info] [1840] cgroup name aegisRtap0
2026-03-02 09:00:59 [Info] [1840] try get sys version
2026-03-02 09:00:59 [Info] [1840] win sys info:2/10:0:3
2026-03-02 09:00:59 [Info] [1840] suit legal version, enable cpu control
2026-03-02 09:00:59 [Info] [1840] get AssignProcessToJobObject handle [00000478]
2026-03-02 09:00:59 [Info] [1840] Set setJobExtended.
2026-03-02 09:00:59 [Info] [1840] Set cpu [9%]
2026-03-02 09:00:59 [Info] [1840] Set cpu success
2026-03-02 09:00:59 [Info] [1840] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-02 09:00:59 [Info] [1840] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-02 09:00:59 [Info] [1840] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 09:00:59 [Info] [1840] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 09:00:59 [Info] [1840] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5, http code : 200, curl ret : 0
2026-03-02 09:00:59 [Info] [1840] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5
2026-03-02 09:00:59 [Info] [1840] Prepare stage1: --windows-process-check
2026-03-02 09:00:59 [Info] [1840] Prepare stage2
2026-03-02 09:01:10 [Info] [1840] log memory size is 30720KB, real memory size is 20600KB
2026-03-02 09:01:18 [Info] [1840] stage3: --windows-process-check
2026-03-02 09:01:18 [Info] [1840] Loader after check
2026-03-02 09:01:19 [Info] [1840] Enter reuse wait state.
2026-03-02 09:01:24 [Info] [1840] recvmsg: EXIT
2026-03-02 09:01:24 [Info] [1840] Recv Exit Msg, Exit...
2026-03-02 09:25:55 [Info] [4928] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 09:25:55 [Info] [4928] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap179261772414755 
2026-03-02 09:25:55 [Info] [4928] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 09:25:55 [Info] [4928] Resource monitor start
2026-03-02 09:25:55 [Info] [4928] ipc client init success
2026-03-02 09:25:55 [Info] [4928] Ipc init: 0
2026-03-02 09:25:55 [Info] [4928] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 09:25:55 [Info] [4928] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 09:25:55 [Info] [4928] start ipc thread id[3208]
2026-03-02 09:25:55 [Info] [4928] Connect Yundun ipc server return state is 0
2026-03-02 09:25:55 [Info] [4928] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 09:25:55 [Info] [4928] CResourceMonitor::run Enter
2026-03-02 09:25:55 [Info] [4928] CIpcMsgHandlerMgr::run Enter
2026-03-02 09:25:55 [Info] [4928] Report thread
2026-03-02 09:25:55 [Info] [4928] Monitor thread
2026-03-02 09:25:55 [Info] [4928] Loader thread
2026-03-02 09:25:55 [Info] [4928] PythonEngineImpl Init...
2026-03-02 09:25:55 [Info] [4928] yundun connected
2026-03-02 09:25:55 [Info] [4928] recvmsg: HELLO
2026-03-02 09:25:55 [Info] [4928] recvmsg: WORK
2026-03-02 09:25:56 [Info] [4928] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:25:56 [Info] [4928] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:25:56 [Info] [4928] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 09:25:56 [Info] [4928] log fd cnt is [250], real fd cnt is [277]
2026-03-02 09:25:56 [Info] [4928] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 09:25:57 [Info] [4928] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 09:25:57 [Info] [4928] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 09:25:57 [Info] [4928] log memory size is 20480KB, real memory size is 14472KB
2026-03-02 09:25:58 [Info] [4928] item: --sca
2026-03-02 09:25:58 [Info] [4928] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-02 09:25:58 [Info] [4928] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py
2026-03-02 09:25:58 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py
2026-03-02 09:25:59 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py
2026-03-02 09:25:59 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py
2026-03-02 09:25:59 [Info] [4928] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py
2026-03-02 09:25:59 [Info] [4928] Download redirect files success.
2026-03-02 09:25:59 [Info] [4928] Prepare stage1: --sca
2026-03-02 09:25:59 [Info] [4928] Prepare stage2
2026-03-02 09:26:00 [Warn] [4928] high cpu, cpu is 23
2026-03-02 09:26:00 [Info] [4928] try get sys version
2026-03-02 09:26:00 [Info] [4928] win sys info:2/10:0:3
2026-03-02 09:26:00 [Info] [4928] suit legal version, enable cpu control
2026-03-02 09:26:00 [Warn] [4928] High CPU Warning: 23
2026-03-02 09:26:00 [Warn] [4928] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:sca.py line: 197 in func: init_analyzer
File:sca.py line: 390 in func: start
2026-03-02 09:26:01 [Info] [4928] log memory size is 30720KB, real memory size is 32156KB
2026-03-02 09:26:06 [Info] [4928] log memory size is 40960KB, real memory size is 32724KB
2026-03-02 09:26:35 [Info] [4928] stage3: --sca
2026-03-02 09:26:35 [Info] [4928] Loader after check
2026-03-02 09:26:35 [Info] [4928] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 09:26:36 [Info] [4928] Enter reuse wait state.
2026-03-02 09:26:39 [Info] [4928] recvmsg: EXIT
2026-03-02 09:26:39 [Info] [4928] Recv Exit Msg, Exit...
2026-03-02 09:53:39 [Info] [2644] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 09:53:39 [Info] [2644] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap232941772416399 
2026-03-02 09:53:39 [Info] [2644] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 09:53:39 [Info] [2644] Resource monitor start
2026-03-02 09:53:39 [Info] [2644] ipc client init success
2026-03-02 09:53:39 [Info] [2644] Ipc init: 0
2026-03-02 09:53:39 [Info] [2644] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 09:53:39 [Info] [2644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 09:53:39 [Info] [2644] start ipc thread id[2052]
2026-03-02 09:53:39 [Info] [2644] Connect Yundun ipc server return state is 0
2026-03-02 09:53:39 [Info] [2644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 09:53:39 [Info] [2644] CResourceMonitor::run Enter
2026-03-02 09:53:39 [Info] [2644] CIpcMsgHandlerMgr::run Enter
2026-03-02 09:53:39 [Info] [2644] Report thread
2026-03-02 09:53:39 [Info] [2644] Monitor thread
2026-03-02 09:53:39 [Info] [2644] Loader thread
2026-03-02 09:53:39 [Info] [2644] PythonEngineImpl Init...
2026-03-02 09:53:42 [Info] [2644] yundun connected
2026-03-02 09:53:42 [Info] [2644] log fd cnt is [250], real fd cnt is [261]
2026-03-02 09:53:43 [Info] [2644] recvmsg: HELLO
2026-03-02 09:53:43 [Info] [2644] recvmsg: WORK
2026-03-02 09:53:43 [Info] [2644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:53:43 [Info] [2644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 09:53:43 [Info] [2644] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 09:53:43 [Info] [2644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 09:53:43 [Info] [2644] log memory size is 20480KB, real memory size is 14284KB
2026-03-02 09:53:43 [Info] [2644] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 09:53:43 [Info] [2644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 09:53:44 [Info] [2644] item: --windows-sysinfoext-check
2026-03-02 09:53:44 [Info] [2644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 09:53:44 [Info] [2644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 09:53:44 [Info] [2644] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 09:53:45 [Info] [2644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 09:53:45 [Info] [2644] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-02 09:53:45 [Info] [2644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 09:53:45 [Info] [2644] Prepare stage1: --windows-sysinfoext-check
2026-03-02 09:53:45 [Info] [2644] Prepare stage2
2026-03-02 09:53:46 [Warn] [2644] high cpu, cpu is 15
2026-03-02 09:53:46 [Info] [2644] try get sys version
2026-03-02 09:53:46 [Info] [2644] win sys info:2/10:0:3
2026-03-02 09:53:46 [Info] [2644] suit legal version, enable cpu control
2026-03-02 09:53:46 [Warn] [2644] High CPU Warning: 15
2026-03-02 09:53:47 [Warn] [2644] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
2026-03-02 09:53:48 [Info] [2644] log memory size is 30720KB, real memory size is 22736KB
2026-03-02 09:53:57 [Warn] [2644] high cpu, cpu is 12
2026-03-02 09:53:57 [Warn] [2644] High CPU Warning: 12
2026-03-02 09:53:57 [Warn] [2644] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:dynamic.py line: 516 in func: __getattr__
File:wmi.py line: 494 in func: __init__
File:wmi.py line: 1009 in func: query
File:wmi.py line: 817 in func: query
File:windows-sysinfoext-check.py line: 209 in func: getMacAddr
File:windows-sysinfoext-check.py line: 176 in func: check
File:windows-sysinfoext-check.py line: 143 in func: main
File:windows-sysinfoext-check.py line: 200 in func: start
2026-03-02 09:53:57 [Info] [2644] stage3: --windows-sysinfoext-check
2026-03-02 09:53:57 [Info] [2644] Loader after check
2026-03-02 09:53:58 [Info] [2644] Enter reuse wait state.
2026-03-02 09:54:03 [Info] [2644] recvmsg: EXIT
2026-03-02 09:54:03 [Info] [2644] Recv Exit Msg, Exit...
2026-03-02 10:36:19 [Info] [1396] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 10:36:19 [Info] [1396] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap317161772418978 
2026-03-02 10:36:19 [Info] [1396] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 10:36:19 [Info] [1396] Resource monitor start
2026-03-02 10:36:19 [Info] [1396] ipc client init success
2026-03-02 10:36:19 [Info] [1396] Ipc init: 0
2026-03-02 10:36:19 [Info] [1396] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 10:36:19 [Info] [1396] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 10:36:19 [Info] [1396] CResourceMonitor::run Enter
2026-03-02 10:36:19 [Info] [1396] CIpcMsgHandlerMgr::run Enter
2026-03-02 10:36:19 [Info] [1396] start ipc thread id[4676]
2026-03-02 10:36:19 [Info] [1396] Connect Yundun ipc server return state is 0
2026-03-02 10:36:20 [Info] [1396] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 10:36:20 [Info] [1396] yundun connected
2026-03-02 10:36:20 [Info] [1396] Report thread
2026-03-02 10:36:20 [Info] [1396] Monitor thread
2026-03-02 10:36:20 [Info] [1396] Loader thread
2026-03-02 10:36:20 [Info] [1396] PythonEngineImpl Init...
2026-03-02 10:36:20 [Info] [1396] recvmsg: HELLO
2026-03-02 10:36:20 [Info] [1396] recvmsg: WORK
2026-03-02 10:36:20 [Info] [1396] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:36:20 [Info] [1396] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:36:20 [Info] [1396] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:36:20 [Info] [1396] log fd cnt is [250], real fd cnt is [282]
2026-03-02 10:36:21 [Info] [1396] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:36:21 [Info] [1396] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 10:36:21 [Info] [1396] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 10:36:21 [Info] [1396] log memory size is 20480KB, real memory size is 14560KB
2026-03-02 10:36:22 [Info] [1396] item: --windows-driver-version-check
2026-03-02 10:36:22 [Info] [1396] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-02 10:36:22 [Info] [1396] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-02 10:36:22 [Info] [1396] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:36:22 [Info] [1396] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:36:22 [Info] [1396] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0
2026-03-02 10:36:22 [Info] [1396] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5
2026-03-02 10:36:22 [Info] [1396] Prepare stage1: --windows-driver-version-check
2026-03-02 10:36:22 [Info] [1396] Prepare stage2
2026-03-02 10:36:23 [Info] [1396] stage3: --windows-driver-version-check
2026-03-02 10:36:23 [Info] [1396] Loader after check
2026-03-02 10:36:24 [Info] [1396] Enter reuse wait state.
2026-03-02 10:36:27 [Info] [1396] recvmsg: EXIT
2026-03-02 10:36:27 [Info] [1396] Recv Exit Msg, Exit...
2026-03-02 10:45:14 [Info] [868] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 10:45:14 [Info] [868] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap6991772419514 
2026-03-02 10:45:14 [Info] [868] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 10:45:14 [Info] [868] Resource monitor start
2026-03-02 10:45:14 [Info] [868] ipc client init success
2026-03-02 10:45:14 [Info] [868] Ipc init: 0
2026-03-02 10:45:14 [Info] [868] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 10:45:14 [Info] [868] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 10:45:14 [Info] [868] start ipc thread id[2832]
2026-03-02 10:45:14 [Info] [868] Connect Yundun ipc server return state is 0
2026-03-02 10:45:14 [Info] [868] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 10:45:14 [Info] [868] CResourceMonitor::run Enter
2026-03-02 10:45:14 [Info] [868] CIpcMsgHandlerMgr::run Enter
2026-03-02 10:45:14 [Info] [868] Report thread
2026-03-02 10:45:14 [Info] [868] Monitor thread
2026-03-02 10:45:14 [Info] [868] Loader thread
2026-03-02 10:45:14 [Info] [868] PythonEngineImpl Init...
2026-03-02 10:45:14 [Info] [868] yundun connected
2026-03-02 10:45:15 [Info] [868] recvmsg: HELLO
2026-03-02 10:45:15 [Info] [868] recvmsg: WORK
2026-03-02 10:45:15 [Info] [868] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:45:15 [Info] [868] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:45:15 [Info] [868] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:45:15 [Info] [868] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:45:15 [Info] [868] log fd cnt is [250], real fd cnt is [282]
2026-03-02 10:45:15 [Info] [868] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 10:45:15 [Info] [868] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 10:45:16 [Info] [868] log memory size is 20480KB, real memory size is 14492KB
2026-03-02 10:45:16 [Info] [868] item: --windows-registry-check
2026-03-02 10:45:16 [Info] [868] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-02 10:45:16 [Info] [868] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-02 10:45:16 [Info] [868] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:45:16 [Info] [868] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:45:17 [Info] [868] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0
2026-03-02 10:45:17 [Info] [868] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5
2026-03-02 10:45:17 [Info] [868] Prepare stage1: --windows-registry-check
2026-03-02 10:45:17 [Info] [868] Prepare stage2
2026-03-02 10:45:20 [Info] [868] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 10:45:46 [Info] [868] stage3: --windows-registry-check
2026-03-02 10:45:46 [Info] [868] Loader after check
2026-03-02 10:45:47 [Info] [3592] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 10:45:47 [Info] [3592] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap8061772419547 
2026-03-02 10:45:47 [Info] [3592] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 10:45:47 [Info] [3592] Resource monitor start
2026-03-02 10:45:47 [Info] [3592] ipc client init success
2026-03-02 10:45:47 [Info] [3592] Ipc init: 0
2026-03-02 10:45:47 [Info] [3592] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 10:45:47 [Info] [3592] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 10:45:47 [Info] [3592] start ipc thread id[3808]
2026-03-02 10:45:47 [Info] [3592] Connect Yundun ipc server return state is 0
2026-03-02 10:45:47 [Info] [3592] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 10:45:47 [Info] [3592] CResourceMonitor::run Enter
2026-03-02 10:45:47 [Info] [3592] CIpcMsgHandlerMgr::run Enter
2026-03-02 10:45:47 [Info] [3592] Report thread
2026-03-02 10:45:47 [Info] [3592] Monitor thread
2026-03-02 10:45:47 [Info] [3592] Loader thread
2026-03-02 10:45:47 [Info] [3592] PythonEngineImpl Init...
2026-03-02 10:45:47 [Info] [3592] yundun connected
2026-03-02 10:45:47 [Info] [868] Enter reuse wait state.
2026-03-02 10:45:48 [Info] [3592] recvmsg: HELLO
2026-03-02 10:45:48 [Info] [3592] recvmsg: WORK
2026-03-02 10:45:48 [Info] [3592] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:45:48 [Info] [3592] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 10:45:48 [Info] [3592] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:45:48 [Info] [3592] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:45:48 [Info] [3592] log fd cnt is [250], real fd cnt is [282]
2026-03-02 10:45:48 [Info] [3592] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 10:45:48 [Info] [3592] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 10:45:49 [Info] [3592] log memory size is 20480KB, real memory size is 14556KB
2026-03-02 10:45:50 [Info] [3592] item: --windows-schedule-task-check
2026-03-02 10:45:50 [Info] [3592] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-02 10:45:50 [Info] [3592] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-02 10:45:50 [Info] [3592] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 10:45:50 [Info] [3592] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 10:45:50 [Info] [3592] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0
2026-03-02 10:45:50 [Info] [3592] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5
2026-03-02 10:45:50 [Info] [3592] Prepare stage1: --windows-schedule-task-check
2026-03-02 10:45:50 [Info] [3592] Prepare stage2
2026-03-02 10:45:51 [Info] [868] recvmsg: EXIT
2026-03-02 10:45:51 [Info] [868] Recv Exit Msg, Exit...
2026-03-02 10:45:54 [Info] [3592] log memory size is 30720KB, real memory size is 23204KB
2026-03-02 10:46:24 [Info] [3592] stage3: --windows-schedule-task-check
2026-03-02 10:46:24 [Info] [3592] Loader after check
2026-03-02 10:46:25 [Info] [3592] Enter reuse wait state.
2026-03-02 10:46:26 [Info] [3592] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 10:46:30 [Info] [3592] recvmsg: EXIT
2026-03-02 10:46:30 [Info] [3592] Recv Exit Msg, Exit...
2026-03-02 11:16:12 [Info] [1780] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 11:16:12 [Info] [1780] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap67661772421372 
2026-03-02 11:16:12 [Info] [1780] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 11:16:12 [Info] [1780] Resource monitor start
2026-03-02 11:16:12 [Info] [1780] ipc client init success
2026-03-02 11:16:12 [Info] [1780] Ipc init: 0
2026-03-02 11:16:12 [Info] [1780] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 11:16:12 [Info] [1780] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 11:16:12 [Info] [1780] start ipc thread id[1148]
2026-03-02 11:16:12 [Info] [1780] Connect Yundun ipc server return state is 0
2026-03-02 11:16:12 [Info] [1780] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 11:16:12 [Info] [1780] CResourceMonitor::run Enter
2026-03-02 11:16:12 [Info] [1780] CIpcMsgHandlerMgr::run Enter
2026-03-02 11:16:12 [Info] [1780] Report thread
2026-03-02 11:16:12 [Info] [1780] Monitor thread
2026-03-02 11:16:12 [Info] [1780] Loader thread
2026-03-02 11:16:12 [Info] [1780] PythonEngineImpl Init...
2026-03-02 11:16:12 [Info] [1780] yundun connected
2026-03-02 11:16:12 [Info] [1780] recvmsg: HELLO
2026-03-02 11:16:12 [Info] [1780] recvmsg: WORK
2026-03-02 11:16:13 [Info] [1780] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 11:16:13 [Info] [1780] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 11:16:13 [Info] [1780] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 11:16:13 [Info] [1780] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 11:16:13 [Info] [1780] log fd cnt is [250], real fd cnt is [282]
2026-03-02 11:16:13 [Info] [1780] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 11:16:13 [Info] [1780] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 11:16:14 [Info] [1780] log memory size is 20480KB, real memory size is 14572KB
2026-03-02 11:16:14 [Info] [1780] item: --windows-autorun-item-check
2026-03-02 11:16:14 [Info] [1780] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-02 11:16:14 [Info] [1780] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-02 11:16:14 [Info] [1780] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 11:16:14 [Info] [1780] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 11:16:14 [Info] [1780] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0
2026-03-02 11:16:14 [Info] [1780] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5
2026-03-02 11:16:15 [Info] [1780] Prepare stage1: --windows-autorun-item-check
2026-03-02 11:16:15 [Info] [1780] Prepare stage2
2026-03-02 11:16:15 [Info] [1780] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 11:16:18 [Info] [1780] log memory size is 30720KB, real memory size is 22260KB
2026-03-02 11:16:25 [Info] [1780] stage3: --windows-autorun-item-check
2026-03-02 11:16:25 [Info] [1780] Loader after check
2026-03-02 11:16:25 [Warn] [1780] high cpu, cpu is 14
2026-03-02 11:16:25 [Info] [1780] try get sys version
2026-03-02 11:16:25 [Info] [1780] win sys info:2/10:0:3
2026-03-02 11:16:25 [Info] [1780] suit legal version, enable cpu control
2026-03-02 11:16:25 [Warn] [1780] High CPU Warning: 14
2026-03-02 11:16:25 [Warn] [1780] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-02 11:16:26 [Info] [1780] Enter reuse wait state.
2026-03-02 11:16:27 [Info] [1780] recvmsg: EXIT
2026-03-02 11:16:27 [Info] [1780] Recv Exit Msg, Exit...
2026-03-02 11:44:42 [Info] [168] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 11:44:42 [Info] [168] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap123501772423082 
2026-03-02 11:44:42 [Info] [168] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 11:44:42 [Info] [168] Resource monitor start
2026-03-02 11:44:42 [Info] [168] ipc client init success
2026-03-02 11:44:42 [Info] [168] Ipc init: 0
2026-03-02 11:44:42 [Info] [168] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 11:44:42 [Info] [168] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 11:44:42 [Info] [168] start ipc thread id[3152]
2026-03-02 11:44:42 [Info] [168] Connect Yundun ipc server return state is 0
2026-03-02 11:44:42 [Info] [168] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 11:44:42 [Info] [168] CResourceMonitor::run Enter
2026-03-02 11:44:42 [Info] [168] CIpcMsgHandlerMgr::run Enter
2026-03-02 11:44:42 [Info] [168] Report thread
2026-03-02 11:44:42 [Info] [168] Monitor thread
2026-03-02 11:44:42 [Info] [168] Loader thread
2026-03-02 11:44:42 [Info] [168] PythonEngineImpl Init...
2026-03-02 11:44:42 [Info] [168] yundun connected
2026-03-02 11:44:42 [Info] [168] recvmsg: HELLO
2026-03-02 11:44:42 [Info] [168] recvmsg: WORK
2026-03-02 11:44:42 [Info] [168] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 11:44:42 [Info] [168] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 11:44:42 [Info] [168] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 11:44:42 [Info] [168] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 11:44:43 [Info] [168] log fd cnt is [250], real fd cnt is [282]
2026-03-02 11:44:43 [Info] [168] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 11:44:43 [Info] [168] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 11:44:44 [Info] [168] log memory size is 20480KB, real memory size is 14484KB
2026-03-02 11:44:44 [Info] [168] item: --tcp-connect-check
2026-03-02 11:44:44 [Info] [168] cgroup name aegisRtap0
2026-03-02 11:44:44 [Info] [168] try get sys version
2026-03-02 11:44:44 [Info] [168] win sys info:2/10:0:3
2026-03-02 11:44:44 [Info] [168] suit legal version, enable cpu control
2026-03-02 11:44:44 [Info] [168] get AssignProcessToJobObject handle [00000478]
2026-03-02 11:44:44 [Info] [168] Set setJobExtended.
2026-03-02 11:44:44 [Info] [168] Set cpu [9%]
2026-03-02 11:44:44 [Info] [168] Set cpu success
2026-03-02 11:44:44 [Info] [168] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-02 11:44:44 [Info] [168] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-02 11:44:44 [Info] [168] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 11:44:45 [Info] [168] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 11:44:45 [Info] [168] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0
2026-03-02 11:44:45 [Info] [168] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5
2026-03-02 11:44:45 [Info] [168] Prepare stage1: --tcp-connect-check
2026-03-02 11:44:45 [Info] [168] Prepare stage2
2026-03-02 11:44:49 [Info] [168] stage3: --tcp-connect-check
2026-03-02 11:44:49 [Info] [168] Loader after check
2026-03-02 11:44:50 [Info] [168] Enter reuse wait state.
2026-03-02 11:44:53 [Info] [168] recvmsg: EXIT
2026-03-02 11:44:53 [Info] [168] Recv Exit Msg, Exit...
2026-03-02 15:01:02 [Info] [4672] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 15:01:02 [Info] [4672] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap180511772434862 
2026-03-02 15:01:02 [Info] [4672] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 15:01:02 [Info] [4672] Resource monitor start
2026-03-02 15:01:02 [Info] [4672] ipc client init success
2026-03-02 15:01:02 [Info] [4672] Ipc init: 0
2026-03-02 15:01:02 [Info] [4672] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 15:01:02 [Info] [4672] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 15:01:02 [Info] [4672] start ipc thread id[4416]
2026-03-02 15:01:02 [Info] [4672] Connect Yundun ipc server return state is 0
2026-03-02 15:01:02 [Info] [4672] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 15:01:02 [Info] [4672] CResourceMonitor::run Enter
2026-03-02 15:01:02 [Info] [4672] CIpcMsgHandlerMgr::run Enter
2026-03-02 15:01:02 [Info] [4672] Report thread
2026-03-02 15:01:02 [Info] [4672] Monitor thread
2026-03-02 15:01:02 [Info] [4672] Loader thread
2026-03-02 15:01:02 [Info] [4672] PythonEngineImpl Init...
2026-03-02 15:01:02 [Info] [4672] yundun connected
2026-03-02 15:01:04 [Info] [4672] log fd cnt is [250], real fd cnt is [261]
2026-03-02 15:01:04 [Info] [4672] recvmsg: HELLO
2026-03-02 15:01:04 [Info] [4672] recvmsg: WORK
2026-03-02 15:01:04 [Info] [4672] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 15:01:04 [Info] [4672] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 15:01:04 [Info] [4672] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 15:01:04 [Info] [4672] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 15:01:04 [Info] [4672] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 15:01:04 [Info] [4672] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 15:01:05 [Info] [4672] log memory size is 20480KB, real memory size is 14412KB
2026-03-02 15:01:07 [Info] [4672] item: --amsi_clean
2026-03-02 15:01:07 [Info] [4672] cgroup name aegisRtap0
2026-03-02 15:01:07 [Info] [4672] try get sys version
2026-03-02 15:01:07 [Info] [4672] win sys info:2/10:0:3
2026-03-02 15:01:07 [Info] [4672] suit legal version, enable cpu control
2026-03-02 15:01:07 [Info] [4672] get AssignProcessToJobObject handle [00000478]
2026-03-02 15:01:07 [Info] [4672] Set setJobExtended.
2026-03-02 15:01:07 [Info] [4672] Set cpu [9%]
2026-03-02 15:01:07 [Info] [4672] Set cpu success
2026-03-02 15:01:07 [Info] [4672] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/amsi_clean.py.md5
2026-03-02 15:01:07 [Info] [4672] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/amsi_clean.py.md5
2026-03-02 15:01:07 [Info] [4672] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 15:01:07 [Info] [4672] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 15:01:07 [Info] [4672] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/plugin/amsi_clean.py.md5, http code : 200, curl ret : 0
2026-03-02 15:01:07 [Info] [4672] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/plugin/amsi_clean.py.md5
2026-03-02 15:01:07 [Info] [4672] Prepare stage1: --amsi_clean
2026-03-02 15:01:07 [Info] [4672] Prepare stage2
2026-03-02 15:01:08 [Info] [4672] stage3: --amsi_clean
2026-03-02 15:01:08 [Info] [4672] Loader after check
2026-03-02 15:01:09 [Info] [4672] Enter reuse wait state.
2026-03-02 15:01:14 [Info] [4672] recvmsg: EXIT
2026-03-02 15:01:14 [Info] [4672] Recv Exit Msg, Exit...
2026-03-02 15:22:23 [Info] [4944] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 15:22:23 [Info] [4944] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap222141772436137 
2026-03-02 15:22:23 [Info] [4944] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 15:22:23 [Info] [4944] Resource monitor start
2026-03-02 15:22:23 [Info] [4944] ipc client init success
2026-03-02 15:22:23 [Info] [4944] Ipc init: 0
2026-03-02 15:22:23 [Info] [4944] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 15:22:29 [Info] [4944] CIpcMsgHandlerMgr::run Enter
2026-03-02 15:22:29 [Info] [4944] CResourceMonitor::run Enter
2026-03-02 15:22:30 [Info] [4944] log fd cnt is [250], real fd cnt is [218]
2026-03-02 15:22:30 [Info] [4944] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 15:22:30 [Info] [4944] start ipc thread id[3800]
2026-03-02 15:22:30 [Info] [4944] Connect Yundun ipc server return state is 0
2026-03-02 15:22:30 [Info] [4944] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 15:22:35 [Info] [4944] Loader thread
2026-03-02 15:22:35 [Info] [4944] PythonEngineImpl Init...
2026-03-02 15:22:35 [Info] [4944] Monitor thread
2026-03-02 15:22:35 [Info] [4944] Report thread
2026-03-02 15:22:35 [Info] [4944] yundun connected
2026-03-02 15:22:35 [Info] [4944] recvmsg: HELLO
2026-03-02 15:22:35 [Info] [4944] recvmsg: WORK
2026-03-02 15:22:35 [Info] [4944] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 15:22:35 [Info] [4944] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 15:22:35 [Info] [4944] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 15:22:35 [Info] [4944] log memory size is 20480KB, real memory size is 12976KB
2026-03-02 15:22:43 [Info] [4944] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 15:22:43 [Info] [4944] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 15:22:43 [Info] [4944] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 15:22:44 [Info] [4944] item: --windows-sysinfoext-check
2026-03-02 15:22:44 [Info] [4944] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 15:22:44 [Info] [4944] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 15:22:44 [Info] [4944] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 15:22:44 [Info] [4944] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 15:22:45 [Info] [4944] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-02 15:22:45 [Info] [4944] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 15:22:45 [Info] [4944] Prepare stage1: --windows-sysinfoext-check
2026-03-02 15:22:45 [Info] [4944] Prepare stage2
2026-03-02 15:22:47 [Info] [4944] log memory size is 30720KB, real memory size is 22884KB
2026-03-02 15:22:48 [Info] [4944] stage3: --windows-sysinfoext-check
2026-03-02 15:22:48 [Info] [4944] Loader after check
2026-03-02 15:22:48 [Warn] [4944] high cpu, cpu is 13
2026-03-02 15:22:48 [Info] [4944] try get sys version
2026-03-02 15:22:48 [Info] [4944] win sys info:2/10:0:3
2026-03-02 15:22:48 [Info] [4944] suit legal version, enable cpu control
2026-03-02 15:22:48 [Warn] [4944] High CPU Warning: 13
2026-03-02 15:22:48 [Warn] [4944] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-02 15:22:48 [Info] [4944] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 15:22:49 [Info] [4944] Enter reuse wait state.
2026-03-02 15:22:51 [Info] [4944] recvmsg: EXIT
2026-03-02 15:22:51 [Info] [4944] Recv Exit Msg, Exit...
2026-03-02 19:28:58 [Info] [2096] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 19:28:58 [Info] [2096] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap50091772450937 
2026-03-02 19:28:58 [Info] [2096] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 19:28:58 [Info] [2096] Resource monitor start
2026-03-02 19:28:58 [Info] [2096] ipc client init success
2026-03-02 19:28:58 [Info] [2096] Ipc init: 0
2026-03-02 19:28:58 [Info] [2096] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 19:28:58 [Info] [2096] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 19:28:58 [Info] [2096] CResourceMonitor::run Enter
2026-03-02 19:28:58 [Info] [2096] CIpcMsgHandlerMgr::run Enter
2026-03-02 19:28:58 [Info] [2096] start ipc thread id[4924]
2026-03-02 19:28:58 [Info] [2096] Connect Yundun ipc server return state is 0
2026-03-02 19:28:59 [Info] [2096] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 19:28:59 [Info] [2096] yundun connected
2026-03-02 19:28:59 [Info] [2096] Report thread
2026-03-02 19:28:59 [Info] [2096] Monitor thread
2026-03-02 19:28:59 [Info] [2096] Loader thread
2026-03-02 19:28:59 [Info] [2096] PythonEngineImpl Init...
2026-03-02 19:28:59 [Info] [2096] recvmsg: HELLO
2026-03-02 19:28:59 [Info] [2096] recvmsg: WORK
2026-03-02 19:28:59 [Info] [2096] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 19:28:59 [Info] [2096] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 19:28:59 [Info] [2096] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 19:28:59 [Info] [2096] log fd cnt is [250], real fd cnt is [282]
2026-03-02 19:28:59 [Info] [2096] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 19:29:00 [Info] [2096] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 19:29:00 [Info] [2096] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 19:29:00 [Info] [2096] log memory size is 20480KB, real memory size is 14604KB
2026-03-02 19:29:01 [Info] [2096] item: --secnet_rasp_agent
2026-03-02 19:29:01 [Info] [2096] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-02 19:29:01 [Info] [2096] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py
2026-03-02 19:29:01 [Info] [2096] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py
2026-03-02 19:29:01 [Info] [2096] Download redirect files success.
2026-03-02 19:29:01 [Info] [2096] Prepare stage1: --secnet_rasp_agent
2026-03-02 19:29:01 [Info] [2096] Prepare stage2
2026-03-02 19:29:02 [Info] [2096] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-02 19:29:02 [Info] [2096] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-02 19:29:02 [Info] [2096] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 19:29:03 [Info] [2096] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 19:29:03 [Info] [2096] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0
2026-03-02 19:29:03 [Info] [2096] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-02 19:29:03 [Info] [2096] stage3: --secnet_rasp_agent
2026-03-02 19:29:03 [Info] [2096] Loader after check
2026-03-02 19:29:04 [Info] [2096] Enter reuse wait state.
2026-03-02 19:29:04 [Info] [2096] log memory size is 30720KB, real memory size is 21192KB
2026-03-02 19:29:05 [Info] [2096] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 19:29:06 [Info] [2096] recvmsg: EXIT
2026-03-02 19:29:06 [Info] [2096] Recv Exit Msg, Exit...
2026-03-02 20:51:46 [Info] [5056] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 20:51:46 [Info] [5056] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap211901772455892 
2026-03-02 20:51:46 [Info] [5056] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 20:51:46 [Info] [5056] Resource monitor start
2026-03-02 20:51:46 [Info] [5056] ipc client init success
2026-03-02 20:51:46 [Info] [5056] Ipc init: 0
2026-03-02 20:51:46 [Info] [5056] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 20:51:46 [Info] [5056] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 20:51:46 [Info] [5056] start ipc thread id[3188]
2026-03-02 20:51:46 [Info] [5056] Connect Yundun ipc server return state is 0
2026-03-02 20:51:46 [Info] [5056] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 20:51:50 [Info] [5056] CResourceMonitor::run Enter
2026-03-02 20:51:50 [Info] [5056] CIpcMsgHandlerMgr::run Enter
2026-03-02 20:51:50 [Info] [5056] yundun connected
2026-03-02 20:51:50 [Info] [5056] Report thread
2026-03-02 20:51:50 [Info] [5056] Monitor thread
2026-03-02 20:51:50 [Info] [5056] Loader thread
2026-03-02 20:51:50 [Info] [5056] PythonEngineImpl Init...
2026-03-02 20:51:52 [Info] [5056] recvmsg: HELLO
2026-03-02 20:51:52 [Info] [5056] log fd cnt is [250], real fd cnt is [263]
2026-03-02 20:51:53 [Info] [5056] recvmsg: WORK
2026-03-02 20:51:53 [Info] [5056] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 20:51:53 [Info] [5056] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 20:51:53 [Info] [5056] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 20:51:53 [Info] [5056] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 20:51:52 [Info] [1620] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-02 20:51:52 [Info] [1620] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap212521772455911 
2026-03-02 20:51:52 [Info] [1620] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-02 20:51:52 [Info] [1620] Resource monitor start
2026-03-02 20:51:52 [Info] [1620] ipc client init success
2026-03-02 20:51:52 [Info] [1620] Ipc init: 0
2026-03-02 20:51:52 [Info] [1620] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-02 20:51:52 [Info] [1620] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-02 20:51:52 [Info] [1620] start ipc thread id[1016]
2026-03-02 20:51:52 [Info] [1620] Connect Yundun ipc server return state is 0
2026-03-02 20:51:52 [Info] [1620] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-02 20:51:53 [Info] [1620] CResourceMonitor::run Enter
2026-03-02 20:51:53 [Info] [1620] CIpcMsgHandlerMgr::run Enter
2026-03-02 20:51:53 [Info] [1620] yundun connected
2026-03-02 20:51:53 [Info] [1620] Report thread
2026-03-02 20:51:53 [Info] [1620] Monitor thread
2026-03-02 20:51:53 [Info] [1620] Loader thread
2026-03-02 20:51:53 [Info] [1620] PythonEngineImpl Init...
2026-03-02 20:51:53 [Info] [1620] recvmsg: HELLO
2026-03-02 20:51:53 [Info] [1620] recvmsg: WORK
2026-03-02 20:51:53 [Info] [5056] log memory size is 20480KB, real memory size is 13396KB
2026-03-02 20:51:53 [Info] [1620] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-02 20:51:53 [Info] [1620] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 20:51:53 [Info] [1620] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-02 20:51:53 [Info] [1620] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 20:51:54 [Info] [1620] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 20:51:54 [Info] [5056] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 20:51:54 [Info] [1620] log fd cnt is [250], real fd cnt is [282]
2026-03-02 20:51:54 [Info] [5056] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 20:51:54 [Info] [5056] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 20:51:54 [Info] [1620] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-02 20:51:54 [Info] [1620] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-02 20:51:55 [Info] [1620] log memory size is 20480KB, real memory size is 14500KB
2026-03-02 20:51:55 [Info] [1620] item: --windows-vul-check
2026-03-02 20:51:55 [Info] [5056] item: --windows-sysinfoext-check
2026-03-02 20:51:55 [Info] [5056] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 20:51:55 [Info] [5056] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 20:51:55 [Info] [5056] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 20:51:55 [Info] [5056] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 20:51:55 [Info] [1620] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-02 20:51:55 [Info] [1620] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-02 20:51:55 [Info] [5056] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-02 20:51:55 [Info] [5056] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-02 20:51:55 [Info] [1620] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/windows-vul-check.py
2026-03-02 20:51:55 [Info] [1620] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py
2026-03-02 20:51:55 [Info] [1620] Download redirect files success.
2026-03-02 20:51:55 [Info] [1620] Prepare stage1: --windows-vul-check
2026-03-02 20:51:55 [Info] [1620] Prepare stage2
2026-03-02 20:51:56 [Info] [5056] Prepare stage1: --windows-sysinfoext-check
2026-03-02 20:51:56 [Info] [5056] Prepare stage2
2026-03-02 20:51:56 [Info] [1620] start DownLoadBuffer update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat
2026-03-02 20:51:56 [Info] [1620] start do http get request for update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat
2026-03-02 20:51:56 [Info] [1620] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-02 20:51:56 [Info] [1620] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-02 20:51:57 [Info] [1620] start DownLoadBuffer aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5
2026-03-02 20:51:57 [Info] [1620] start do http get request for aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5
2026-03-02 20:51:57 [Warn] [5056] high cpu, cpu is 15
2026-03-02 20:51:57 [Info] [5056] try get sys version
2026-03-02 20:51:57 [Info] [5056] win sys info:2/10:0:3
2026-03-02 20:51:57 [Info] [5056] suit legal version, enable cpu control
2026-03-02 20:51:57 [Warn] [5056] High CPU Warning: 15
2026-03-02 20:51:57 [Warn] [5056] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:dynamic.py line: 287 in func: _ApplyTypes_
File:<COMObject winmgmts:> line: 3 in func: ExecQuery
File:wmi.py line: 1001 in func: _raw_query
File:wmi.py line: 1009 in func: query
File:wmi.py line: 817 in func: query
File:windows-sysinfoext-check.py line: 25 in func: GetSysOsVersion
File:windows-sysinfoext-check.py line: 168 in func: check
File:windows-sysinfoext-check.py line: 143 in func: main
File:windows-sysinfoext-check.py line: 200 in func: start
2026-03-02 20:51:57 [Info] [1620] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5, http code : 200, curl ret : 0
2026-03-02 20:51:57 [Info] [1620] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat, http code : 200, curl ret : 0
2026-03-02 20:51:57 [Info] [1620] http download from redirect url success with https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat
2026-03-02 20:51:57 [Info] [1620] DownLoadFile ok C:\Program Files (x86)\Alibaba\Aegis\aegis_client\aegis_12_80\rule\vuldata_v2.dat
2026-03-02 20:51:58 [Info] [1620] stage3: --windows-vul-check
2026-03-02 20:51:58 [Info] [5056] log memory size is 30720KB, real memory size is 22696KB
2026-03-02 20:51:58 [Info] [1620] Loader after check
2026-03-02 20:51:58 [Warn] [1620] high cpu, cpu is 35
2026-03-02 20:51:58 [Info] [1620] try get sys version
2026-03-02 20:51:58 [Info] [1620] win sys info:2/10:0:3
2026-03-02 20:51:58 [Info] [1620] suit legal version, enable cpu control
2026-03-02 20:51:58 [Warn] [1620] High CPU Warning: 35
2026-03-02 20:51:58 [Warn] [1620] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-02 20:51:59 [Info] [1620] Enter reuse wait state.
2026-03-02 20:51:59 [Info] [1620] log memory size is 30720KB, real memory size is 23164KB
2026-03-02 20:52:00 [Info] [5056] stage3: --windows-sysinfoext-check
2026-03-02 20:52:00 [Info] [5056] Loader after check
2026-03-02 20:52:01 [Warn] [5056] high cpu, cpu is 13
2026-03-02 20:52:01 [Warn] [5056] High CPU Warning: 13
2026-03-02 20:52:01 [Info] [5056] Enter reuse wait state.
2026-03-02 20:52:04 [Info] [5056] recvmsg: EXIT
2026-03-02 20:52:04 [Info] [5056] Recv Exit Msg, Exit...
2026-03-02 20:52:06 [Info] [1620] recvmsg: EXIT
2026-03-02 20:52:06 [Info] [1620] Recv Exit Msg, Exit...
2026-03-09 00:58:52 [Info] [3396] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 00:58:52 [Info] [3396] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap257811772989119 
2026-03-09 00:58:52 [Info] [3396] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 00:58:52 [Info] [3396] Resource monitor start
2026-03-09 00:58:52 [Info] [3396] ipc client init success
2026-03-09 00:58:52 [Info] [3396] Ipc init: 0
2026-03-09 00:58:52 [Info] [3396] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 00:58:52 [Info] [3396] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 00:58:52 [Info] [3396] start ipc thread id[1892]
2026-03-09 00:58:52 [Info] [3396] Connect Yundun ipc server return state is 0
2026-03-09 00:58:52 [Info] [3396] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 00:58:52 [Info] [3396] CResourceMonitor::run Enter
2026-03-09 00:58:52 [Info] [3396] CIpcMsgHandlerMgr::run Enter
2026-03-09 00:58:52 [Info] [3396] Report thread
2026-03-09 00:58:52 [Info] [3396] Monitor thread
2026-03-09 00:58:52 [Info] [3396] Loader thread
2026-03-09 00:58:52 [Info] [3396] PythonEngineImpl Init...
2026-03-09 00:58:57 [Info] [3396] yundun connected
2026-03-09 00:58:57 [Info] [3396] recvmsg: HELLO
2026-03-09 00:58:57 [Info] [3396] recvmsg: WORK
2026-03-09 00:58:58 [Info] [3396] log fd cnt is [250], real fd cnt is [260]
2026-03-09 00:58:59 [Info] [3396] log memory size is 20480KB, real memory size is 11068KB
2026-03-09 00:59:02 [Info] [3396] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 00:59:02 [Info] [3396] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 00:59:02 [Info] [3396] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 00:59:15 [Warn] [3396] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 00:59:25 [Warn] [3396] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 00:59:29 [Info] [3396] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-09 00:59:36 [Warn] [3396] http request fail : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 00:59:36 [Info] [3396] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 00:59:36 [Info] [3396] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 00:59:36 [Info] [3396] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 00:59:37 [Info] [3396] item: --windows-sysinfoext-check
2026-03-09 00:59:37 [Info] [3396] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 00:59:37 [Info] [3396] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 00:59:37 [Info] [3396] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 00:59:37 [Info] [3396] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 00:59:37 [Info] [3396] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-09 00:59:37 [Info] [3396] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 00:59:38 [Info] [3396] Prepare stage1: --windows-sysinfoext-check
2026-03-09 00:59:38 [Info] [3396] Prepare stage2
2026-03-09 00:59:38 [Warn] [3396] high cpu, cpu is 21
2026-03-09 00:59:38 [Info] [3396] try get sys version
2026-03-09 00:59:38 [Info] [3396] win sys info:2/10:0:3
2026-03-09 00:59:38 [Info] [3396] suit legal version, enable cpu control
2026-03-09 00:59:38 [Warn] [3396] High CPU Warning: 21
2026-03-09 00:59:39 [Warn] [3396] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
2026-03-09 00:59:39 [Info] [3396] stage3: --windows-sysinfoext-check
2026-03-09 00:59:39 [Info] [3396] Loader after check
2026-03-09 00:59:40 [Info] [3396] log memory size is 30720KB, real memory size is 22916KB
2026-03-09 00:59:40 [Info] [3396] Enter reuse wait state.
2026-03-09 00:59:46 [Info] [3396] recvmsg: EXIT
2026-03-09 00:59:46 [Info] [3396] Recv Exit Msg, Exit...
2026-03-09 06:28:18 [Info] [996] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 06:28:18 [Info] [996] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap248091773008890 
2026-03-09 06:28:18 [Info] [996] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 06:28:18 [Info] [996] Resource monitor start
2026-03-09 06:28:18 [Info] [996] ipc client init success
2026-03-09 06:28:18 [Info] [996] Ipc init: 0
2026-03-09 06:28:18 [Info] [996] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 06:28:18 [Info] [996] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 06:28:18 [Info] [996] start ipc thread id[2420]
2026-03-09 06:28:18 [Info] [996] Connect Yundun ipc server return state is 0
2026-03-09 06:28:18 [Info] [996] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 06:28:18 [Info] [996] CResourceMonitor::run Enter
2026-03-09 06:28:18 [Info] [996] CIpcMsgHandlerMgr::run Enter
2026-03-09 06:28:18 [Info] [996] Report thread
2026-03-09 06:28:18 [Info] [996] Monitor thread
2026-03-09 06:28:24 [Info] [996] yundun connected
2026-03-09 06:28:24 [Info] [996] Loader thread
2026-03-09 06:28:24 [Info] [996] PythonEngineImpl Init...
2026-03-09 06:28:26 [Info] [996] log fd cnt is [250], real fd cnt is [261]
2026-03-09 06:28:26 [Info] [996] recvmsg: HELLO
2026-03-09 06:28:26 [Info] [996] recvmsg: WORK
2026-03-09 06:28:26 [Info] [996] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 06:28:26 [Info] [996] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 06:28:26 [Info] [996] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 06:28:27 [Info] [996] log memory size is 20480KB, real memory size is 12984KB
2026-03-09 06:28:45 [Warn] [996] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 06:28:49 [Info] [996] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-09 06:28:55 [Warn] [996] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 06:29:06 [Warn] [996] http request fail : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 06:29:06 [Info] [996] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 06:29:06 [Info] [996] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 06:29:06 [Info] [996] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 06:29:07 [Info] [996] item: --windows-sysinfoext-check
2026-03-09 06:29:07 [Info] [996] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 06:29:07 [Info] [996] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 06:29:07 [Info] [996] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 06:29:07 [Info] [996] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 06:29:07 [Info] [996] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-09 06:29:07 [Info] [996] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 06:29:08 [Info] [996] Prepare stage1: --windows-sysinfoext-check
2026-03-09 06:29:08 [Info] [996] Prepare stage2
2026-03-09 06:29:09 [Warn] [996] high cpu, cpu is 17
2026-03-09 06:29:09 [Info] [996] try get sys version
2026-03-09 06:29:09 [Info] [996] win sys info:2/10:0:3
2026-03-09 06:29:09 [Info] [996] suit legal version, enable cpu control
2026-03-09 06:29:09 [Warn] [996] High CPU Warning: 17
2026-03-09 06:29:09 [Warn] [996] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
2026-03-09 06:29:09 [Info] [996] stage3: --windows-sysinfoext-check
2026-03-09 06:29:09 [Info] [996] Loader after check
2026-03-09 06:29:10 [Info] [996] Enter reuse wait state.
2026-03-09 06:29:12 [Info] [996] recvmsg: EXIT
2026-03-09 06:29:12 [Info] [996] Recv Exit Msg, Exit...
2026-03-09 06:29:12 [Info] [996] log memory size is 30720KB, real memory size is 23028KB
2026-03-09 07:54:24 [Info] [3176] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 07:54:24 [Info] [3176] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap89371773014064 
2026-03-09 07:54:24 [Info] [3176] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 07:54:24 [Info] [3176] Resource monitor start
2026-03-09 07:54:24 [Info] [3176] ipc client init success
2026-03-09 07:54:24 [Info] [3176] Ipc init: 0
2026-03-09 07:54:24 [Info] [3176] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 07:54:24 [Info] [3176] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 07:54:24 [Info] [3176] start ipc thread id[588]
2026-03-09 07:54:24 [Info] [3176] Connect Yundun ipc server return state is 0
2026-03-09 07:54:24 [Info] [3176] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 07:54:24 [Info] [3176] CResourceMonitor::run Enter
2026-03-09 07:54:24 [Info] [3176] CIpcMsgHandlerMgr::run Enter
2026-03-09 07:54:24 [Info] [3176] Report thread
2026-03-09 07:54:24 [Info] [3176] Monitor thread
2026-03-09 07:54:24 [Info] [3176] Loader thread
2026-03-09 07:54:24 [Info] [3176] PythonEngineImpl Init...
2026-03-09 07:54:25 [Info] [3176] yundun connected
2026-03-09 07:54:25 [Info] [3176] recvmsg: HELLO
2026-03-09 07:54:25 [Info] [3176] recvmsg: WORK
2026-03-09 07:54:25 [Info] [3176] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 07:54:25 [Info] [3176] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 07:54:25 [Info] [3176] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 07:54:25 [Info] [3176] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 07:54:25 [Info] [3176] log fd cnt is [250], real fd cnt is [282]
2026-03-09 07:54:25 [Info] [3176] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 07:54:25 [Info] [3176] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 07:54:26 [Info] [3176] log memory size is 20480KB, real memory size is 14528KB
2026-03-09 07:54:27 [Info] [3176] item: --windows-vul-clean
2026-03-09 07:54:27 [Info] [3176] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-09 07:54:27 [Info] [3176] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-09 07:54:27 [Info] [3176] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 07:54:27 [Info] [3176] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 07:54:27 [Info] [3176] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5, http code : 200, curl ret : 0
2026-03-09 07:54:27 [Info] [3176] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5
2026-03-09 07:54:27 [Info] [3176] Prepare stage1: --windows-vul-clean
2026-03-09 07:54:27 [Info] [3176] Prepare stage2
2026-03-09 07:54:27 [Info] [3176] stage3: --windows-vul-clean
2026-03-09 07:54:27 [Info] [3176] Loader after check
2026-03-09 07:54:28 [Info] [3176] Enter reuse wait state.
2026-03-09 07:54:32 [Info] [3176] recvmsg: EXIT
2026-03-09 07:54:32 [Info] [3176] Recv Exit Msg, Exit...
2026-03-09 08:59:30 [Info] [3608] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 08:59:30 [Info] [3608] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap216921773017970 
2026-03-09 08:59:30 [Info] [3608] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 08:59:30 [Info] [3608] Resource monitor start
2026-03-09 08:59:30 [Info] [3608] ipc client init success
2026-03-09 08:59:30 [Info] [3608] Ipc init: 0
2026-03-09 08:59:30 [Info] [3608] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 08:59:30 [Info] [3608] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 08:59:30 [Info] [3608] start ipc thread id[4100]
2026-03-09 08:59:30 [Info] [3608] Connect Yundun ipc server return state is 0
2026-03-09 08:59:30 [Info] [3608] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 08:59:30 [Info] [3608] CResourceMonitor::run Enter
2026-03-09 08:59:30 [Info] [3608] CIpcMsgHandlerMgr::run Enter
2026-03-09 08:59:30 [Info] [3608] Report thread
2026-03-09 08:59:30 [Info] [3608] Monitor thread
2026-03-09 08:59:30 [Info] [3608] Loader thread
2026-03-09 08:59:30 [Info] [3608] PythonEngineImpl Init...
2026-03-09 08:59:30 [Info] [3608] yundun connected
2026-03-09 08:59:31 [Info] [3608] recvmsg: HELLO
2026-03-09 08:59:31 [Info] [3608] log fd cnt is [250], real fd cnt is [263]
2026-03-09 08:59:32 [Info] [3608] recvmsg: WORK
2026-03-09 08:59:32 [Info] [3608] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 08:59:32 [Info] [3608] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 08:59:32 [Info] [3608] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 08:59:32 [Info] [3608] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 08:59:32 [Info] [3608] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 08:59:32 [Info] [3608] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 08:59:32 [Info] [3608] log memory size is 20480KB, real memory size is 14504KB
2026-03-09 08:59:33 [Info] [3608] item: --windows-process-check
2026-03-09 08:59:33 [Info] [3608] cgroup name aegisRtap0
2026-03-09 08:59:33 [Info] [3608] try get sys version
2026-03-09 08:59:33 [Info] [3608] win sys info:2/10:0:3
2026-03-09 08:59:33 [Info] [3608] suit legal version, enable cpu control
2026-03-09 08:59:33 [Info] [3608] get AssignProcessToJobObject handle [00000478]
2026-03-09 08:59:33 [Info] [3608] Set setJobExtended.
2026-03-09 08:59:33 [Info] [3608] Set cpu [9%]
2026-03-09 08:59:33 [Info] [3608] Set cpu success
2026-03-09 08:59:33 [Info] [3608] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-09 08:59:33 [Info] [3608] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-09 08:59:33 [Info] [3608] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 08:59:33 [Info] [3608] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 08:59:33 [Info] [3608] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5, http code : 200, curl ret : 0
2026-03-09 08:59:33 [Info] [3608] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5
2026-03-09 08:59:34 [Info] [3608] Prepare stage1: --windows-process-check
2026-03-09 08:59:34 [Info] [3608] Prepare stage2
2026-03-09 08:59:45 [Info] [3608] log memory size is 30720KB, real memory size is 20568KB
2026-03-09 08:59:51 [Info] [3608] stage3: --windows-process-check
2026-03-09 08:59:51 [Info] [3608] Loader after check
2026-03-09 08:59:52 [Info] [3608] Enter reuse wait state.
2026-03-09 08:59:54 [Info] [3608] recvmsg: EXIT
2026-03-09 08:59:54 [Info] [3608] Recv Exit Msg, Exit...
2026-03-09 10:33:54 [Info] [2644] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 10:33:54 [Info] [2644] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap74171773023633 
2026-03-09 10:33:54 [Info] [2644] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 10:33:55 [Info] [2644] Resource monitor start
2026-03-09 10:33:55 [Info] [2644] ipc client init success
2026-03-09 10:33:55 [Info] [2644] Ipc init: 0
2026-03-09 10:33:55 [Info] [2644] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 10:33:55 [Info] [2644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 10:33:55 [Info] [2644] CResourceMonitor::run Enter
2026-03-09 10:33:55 [Info] [2644] CIpcMsgHandlerMgr::run Enter
2026-03-09 10:33:55 [Info] [2644] start ipc thread id[2172]
2026-03-09 10:33:55 [Info] [2644] Connect Yundun ipc server return state is 0
2026-03-09 10:33:55 [Info] [2644] yundun connected
2026-03-09 10:33:55 [Info] [2644] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 10:33:55 [Info] [2644] Report thread
2026-03-09 10:33:55 [Info] [2644] Monitor thread
2026-03-09 10:33:55 [Info] [2644] Loader thread
2026-03-09 10:33:55 [Info] [2644] PythonEngineImpl Init...
2026-03-09 10:33:55 [Info] [2644] recvmsg: HELLO
2026-03-09 10:33:55 [Info] [2644] recvmsg: WORK
2026-03-09 10:33:55 [Info] [2644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:33:55 [Info] [2644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:33:55 [Info] [2644] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:33:56 [Info] [2644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:33:56 [Info] [2644] log fd cnt is [250], real fd cnt is [282]
2026-03-09 10:33:56 [Info] [2644] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 10:33:56 [Info] [2644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 10:33:57 [Info] [2644] log memory size is 20480KB, real memory size is 14612KB
2026-03-09 10:33:58 [Info] [2644] item: --windows-schedule-task-check
2026-03-09 10:33:58 [Info] [2644] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-09 10:33:58 [Info] [2644] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-09 10:33:58 [Info] [2644] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:33:58 [Info] [2644] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:33:59 [Info] [2644] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0
2026-03-09 10:33:59 [Info] [2644] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5
2026-03-09 10:33:59 [Info] [2644] Prepare stage1: --windows-schedule-task-check
2026-03-09 10:33:59 [Info] [2644] Prepare stage2
2026-03-09 10:34:06 [Info] [2644] log memory size is 30720KB, real memory size is 23264KB
2026-03-09 10:34:32 [Info] [800] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 10:34:32 [Info] [800] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap75441773023672 
2026-03-09 10:34:32 [Info] [800] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 10:34:32 [Info] [800] Resource monitor start
2026-03-09 10:34:32 [Info] [800] ipc client init success
2026-03-09 10:34:32 [Info] [800] Ipc init: 0
2026-03-09 10:34:32 [Info] [800] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 10:34:32 [Info] [800] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 10:34:32 [Info] [800] start ipc thread id[3396]
2026-03-09 10:34:32 [Info] [800] Connect Yundun ipc server return state is 0
2026-03-09 10:34:32 [Info] [800] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 10:34:32 [Info] [800] CResourceMonitor::run Enter
2026-03-09 10:34:32 [Info] [800] CIpcMsgHandlerMgr::run Enter
2026-03-09 10:34:32 [Info] [800] Report thread
2026-03-09 10:34:32 [Info] [800] Monitor thread
2026-03-09 10:34:32 [Info] [800] Loader thread
2026-03-09 10:34:32 [Info] [800] PythonEngineImpl Init...
2026-03-09 10:34:32 [Info] [800] yundun connected
2026-03-09 10:34:33 [Info] [800] recvmsg: HELLO
2026-03-09 10:34:33 [Info] [800] recvmsg: WORK
2026-03-09 10:34:33 [Info] [800] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:34:33 [Info] [800] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:34:33 [Info] [800] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:34:33 [Info] [800] log fd cnt is [250], real fd cnt is [282]
2026-03-09 10:34:33 [Info] [800] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:34:33 [Info] [800] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 10:34:33 [Info] [800] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 10:34:34 [Info] [800] log memory size is 20480KB, real memory size is 14512KB
2026-03-09 10:34:34 [Info] [800] item: --windows-driver-version-check
2026-03-09 10:34:34 [Info] [800] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-09 10:34:34 [Info] [800] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-09 10:34:34 [Info] [800] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:34:34 [Info] [800] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:34:34 [Info] [800] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0
2026-03-09 10:34:34 [Info] [800] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5
2026-03-09 10:34:35 [Info] [800] Prepare stage1: --windows-driver-version-check
2026-03-09 10:34:35 [Info] [800] Prepare stage2
2026-03-09 10:34:35 [Info] [800] stage3: --windows-driver-version-check
2026-03-09 10:34:35 [Info] [800] Loader after check
2026-03-09 10:34:36 [Info] [800] Enter reuse wait state.
2026-03-09 10:34:38 [Info] [2644] stage3: --windows-schedule-task-check
2026-03-09 10:34:38 [Info] [2644] Loader after check
2026-03-09 10:34:39 [Info] [2644] Enter reuse wait state.
2026-03-09 10:34:40 [Info] [800] recvmsg: EXIT
2026-03-09 10:34:40 [Info] [800] Recv Exit Msg, Exit...
2026-03-09 10:34:46 [Info] [2644] recvmsg: EXIT
2026-03-09 10:34:46 [Info] [2644] Recv Exit Msg, Exit...
2026-03-09 10:48:18 [Info] [608] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 10:48:18 [Info] [608] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap102421773024498 
2026-03-09 10:48:18 [Info] [608] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 10:48:18 [Info] [608] Resource monitor start
2026-03-09 10:48:18 [Info] [608] ipc client init success
2026-03-09 10:48:18 [Info] [608] Ipc init: 0
2026-03-09 10:48:18 [Info] [608] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 10:48:18 [Info] [608] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 10:48:18 [Info] [608] start ipc thread id[2240]
2026-03-09 10:48:18 [Info] [608] Connect Yundun ipc server return state is 0
2026-03-09 10:48:18 [Info] [608] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 10:48:18 [Info] [608] CResourceMonitor::run Enter
2026-03-09 10:48:18 [Info] [608] CIpcMsgHandlerMgr::run Enter
2026-03-09 10:48:18 [Info] [608] Report thread
2026-03-09 10:48:18 [Info] [608] Monitor thread
2026-03-09 10:48:18 [Info] [608] Loader thread
2026-03-09 10:48:18 [Info] [608] PythonEngineImpl Init...
2026-03-09 10:48:18 [Info] [608] yundun connected
2026-03-09 10:48:19 [Info] [608] recvmsg: HELLO
2026-03-09 10:48:19 [Info] [608] recvmsg: WORK
2026-03-09 10:48:19 [Info] [608] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:48:19 [Info] [608] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 10:48:19 [Info] [608] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:48:19 [Info] [608] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:48:19 [Info] [608] log fd cnt is [250], real fd cnt is [282]
2026-03-09 10:48:19 [Info] [608] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 10:48:19 [Info] [608] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 10:48:20 [Info] [608] log memory size is 20480KB, real memory size is 14508KB
2026-03-09 10:48:21 [Info] [608] item: --windows-registry-check
2026-03-09 10:48:21 [Info] [608] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-09 10:48:21 [Info] [608] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-09 10:48:21 [Info] [608] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 10:48:21 [Info] [608] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 10:48:21 [Info] [608] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0
2026-03-09 10:48:21 [Info] [608] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5
2026-03-09 10:48:21 [Info] [608] Prepare stage1: --windows-registry-check
2026-03-09 10:48:21 [Info] [608] Prepare stage2
2026-03-09 10:48:50 [Info] [608] stage3: --windows-registry-check
2026-03-09 10:48:50 [Info] [608] Loader after check
2026-03-09 10:48:51 [Info] [608] Enter reuse wait state.
2026-03-09 10:48:54 [Info] [608] recvmsg: EXIT
2026-03-09 10:48:54 [Info] [608] Recv Exit Msg, Exit...
2026-03-09 11:12:14 [Info] [3244] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 11:12:14 [Info] [3244] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap149311773025934 
2026-03-09 11:12:14 [Info] [3244] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 11:12:14 [Info] [3244] Resource monitor start
2026-03-09 11:12:14 [Info] [3244] ipc client init success
2026-03-09 11:12:14 [Info] [3244] Ipc init: 0
2026-03-09 11:12:14 [Info] [3244] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 11:12:14 [Info] [3244] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 11:12:14 [Info] [3244] start ipc thread id[3380]
2026-03-09 11:12:14 [Info] [3244] Connect Yundun ipc server return state is 0
2026-03-09 11:12:14 [Info] [3244] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 11:12:14 [Info] [3244] CResourceMonitor::run Enter
2026-03-09 11:12:14 [Info] [3244] CIpcMsgHandlerMgr::run Enter
2026-03-09 11:12:14 [Info] [3244] Report thread
2026-03-09 11:12:14 [Info] [3244] Monitor thread
2026-03-09 11:12:14 [Info] [3244] Loader thread
2026-03-09 11:12:14 [Info] [3244] PythonEngineImpl Init...
2026-03-09 11:12:14 [Info] [3244] yundun connected
2026-03-09 11:12:15 [Info] [3244] recvmsg: HELLO
2026-03-09 11:12:15 [Info] [3244] log fd cnt is [250], real fd cnt is [263]
2026-03-09 11:12:15 [Info] [3244] recvmsg: WORK
2026-03-09 11:12:16 [Info] [3244] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:12:16 [Info] [3244] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:12:16 [Info] [3244] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:12:16 [Info] [3244] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:12:16 [Info] [3244] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 11:12:16 [Info] [3244] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 11:12:16 [Info] [3244] log memory size is 20480KB, real memory size is 14484KB
2026-03-09 11:12:17 [Info] [3244] item: --windows-autorun-item-check
2026-03-09 11:12:17 [Info] [3244] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-09 11:12:17 [Info] [3244] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-09 11:12:17 [Info] [3244] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:12:17 [Info] [3244] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:12:17 [Info] [3244] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0
2026-03-09 11:12:17 [Info] [3244] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5
2026-03-09 11:12:17 [Info] [3244] Prepare stage1: --windows-autorun-item-check
2026-03-09 11:12:17 [Info] [3244] Prepare stage2
2026-03-09 11:12:20 [Info] [3244] log memory size is 30720KB, real memory size is 22284KB
2026-03-09 11:12:27 [Warn] [3244] high cpu, cpu is 12
2026-03-09 11:12:27 [Info] [3244] try get sys version
2026-03-09 11:12:27 [Info] [3244] win sys info:2/10:0:3
2026-03-09 11:12:27 [Info] [3244] suit legal version, enable cpu control
2026-03-09 11:12:27 [Warn] [3244] High CPU Warning: 12
2026-03-09 11:12:28 [Warn] [3244] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:windows-autorun-item-check.py line: 514 in func: check
File:windows-autorun-item-check.py line: 80 in func: main
File:windows-autorun-item-check.py line: 534 in func: start
2026-03-09 11:12:28 [Info] [3244] stage3: --windows-autorun-item-check
2026-03-09 11:12:28 [Info] [3244] Loader after check
2026-03-09 11:12:29 [Info] [3244] Enter reuse wait state.
2026-03-09 11:12:30 [Info] [3244] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-09 11:12:34 [Info] [3244] recvmsg: EXIT
2026-03-09 11:12:34 [Info] [3244] Recv Exit Msg, Exit...
2026-03-09 11:26:15 [Info] [4320] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 11:26:15 [Info] [4320] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap176781773026775 
2026-03-09 11:26:15 [Info] [4320] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 11:26:15 [Info] [4320] Resource monitor start
2026-03-09 11:26:15 [Info] [4320] ipc client init success
2026-03-09 11:26:15 [Info] [4320] Ipc init: 0
2026-03-09 11:26:15 [Info] [4320] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 11:26:15 [Info] [4320] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 11:26:15 [Info] [4320] start ipc thread id[800]
2026-03-09 11:26:15 [Info] [4320] Connect Yundun ipc server return state is 0
2026-03-09 11:26:15 [Info] [4320] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 11:26:15 [Info] [4320] CResourceMonitor::run Enter
2026-03-09 11:26:15 [Info] [4320] CIpcMsgHandlerMgr::run Enter
2026-03-09 11:26:15 [Info] [4320] Report thread
2026-03-09 11:26:15 [Info] [4320] Monitor thread
2026-03-09 11:26:15 [Info] [4320] Loader thread
2026-03-09 11:26:15 [Info] [4320] PythonEngineImpl Init...
2026-03-09 11:26:15 [Info] [4320] yundun connected
2026-03-09 11:26:15 [Info] [4320] recvmsg: HELLO
2026-03-09 11:26:15 [Info] [4320] recvmsg: WORK
2026-03-09 11:26:15 [Info] [4320] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:26:15 [Info] [4320] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:26:15 [Info] [4320] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:26:16 [Info] [4320] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:26:16 [Info] [4320] log fd cnt is [250], real fd cnt is [282]
2026-03-09 11:26:16 [Info] [4320] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 11:26:16 [Info] [4320] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 11:26:17 [Info] [4320] log memory size is 20480KB, real memory size is 14504KB
2026-03-09 11:26:17 [Info] [4320] item: --sca
2026-03-09 11:26:17 [Info] [4320] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-09 11:26:17 [Info] [4320] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-09 11:26:17 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca.py
2026-03-09 11:26:17 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py
2026-03-09 11:26:17 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_utils.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_common_proc.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/1757387557_sca_new_rules_2_35_0_official/win32/plugin/sca_java_proc.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py
2026-03-09 11:26:18 [Info] [4320] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py
2026-03-09 11:26:18 [Info] [4320] Download redirect files success.
2026-03-09 11:26:18 [Info] [4320] Prepare stage1: --sca
2026-03-09 11:26:18 [Info] [4320] Prepare stage2
2026-03-09 11:26:21 [Warn] [4320] high cpu, cpu is 21
2026-03-09 11:26:21 [Info] [4320] try get sys version
2026-03-09 11:26:21 [Info] [4320] win sys info:2/10:0:3
2026-03-09 11:26:21 [Info] [4320] suit legal version, enable cpu control
2026-03-09 11:26:21 [Warn] [4320] High CPU Warning: 21
2026-03-09 11:26:21 [Warn] [4320] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:sca.py line: 199 in func: init_analyzer
File:sca.py line: 390 in func: start
2026-03-09 11:26:22 [Info] [4320] log memory size is 30720KB, real memory size is 32240KB
2026-03-09 11:26:26 [Info] [4320] log memory size is 40960KB, real memory size is 32820KB
2026-03-09 11:26:50 [Info] [4320] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-09 11:26:55 [Warn] [4320] high cpu, cpu is 27
2026-03-09 11:26:55 [Warn] [4320] High CPU Warning: 27
2026-03-09 11:26:55 [Warn] [4320] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:sca_utils.py line: 3605 in func: get_listening_by_pid
File:sca_utils.py line: 3629 in func: listening
File:sca.py line: 205 in func: init_analyzer
File:sca.py line: 390 in func: start
2026-03-09 11:26:57 [Info] [4320] stage3: --sca
2026-03-09 11:26:57 [Info] [4320] Loader after check
2026-03-09 11:26:58 [Info] [4320] Enter reuse wait state.
2026-03-09 11:27:03 [Info] [4320] recvmsg: EXIT
2026-03-09 11:27:03 [Info] [4320] Recv Exit Msg, Exit...
2026-03-09 11:51:36 [Info] [3060] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 11:51:36 [Info] [3060] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap226441773028296 
2026-03-09 11:51:36 [Info] [3060] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 11:51:36 [Info] [3060] Resource monitor start
2026-03-09 11:51:36 [Info] [3060] ipc client init success
2026-03-09 11:51:36 [Info] [3060] Ipc init: 0
2026-03-09 11:51:36 [Info] [3060] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 11:51:36 [Info] [3060] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 11:51:36 [Info] [3060] start ipc thread id[4292]
2026-03-09 11:51:36 [Info] [3060] Connect Yundun ipc server return state is 0
2026-03-09 11:51:36 [Info] [3060] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 11:51:36 [Info] [3060] CResourceMonitor::run Enter
2026-03-09 11:51:36 [Info] [3060] CIpcMsgHandlerMgr::run Enter
2026-03-09 11:51:36 [Info] [3060] Report thread
2026-03-09 11:51:36 [Info] [3060] Monitor thread
2026-03-09 11:51:36 [Info] [3060] Loader thread
2026-03-09 11:51:36 [Info] [3060] PythonEngineImpl Init...
2026-03-09 11:51:36 [Info] [3060] yundun connected
2026-03-09 11:51:36 [Info] [3060] recvmsg: HELLO
2026-03-09 11:51:36 [Info] [3060] recvmsg: WORK
2026-03-09 11:51:36 [Info] [3060] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:51:36 [Info] [3060] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:51:36 [Info] [3060] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:51:37 [Info] [3060] log fd cnt is [250], real fd cnt is [282]
2026-03-09 11:51:37 [Info] [3060] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:51:37 [Info] [3060] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 11:51:37 [Info] [3060] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 11:51:38 [Info] [3060] log memory size is 20480KB, real memory size is 14488KB
2026-03-09 11:51:38 [Info] [3060] item: --tcp-connect-check
2026-03-09 11:51:38 [Info] [3060] cgroup name aegisRtap0
2026-03-09 11:51:38 [Info] [3060] try get sys version
2026-03-09 11:51:38 [Info] [3060] win sys info:2/10:0:3
2026-03-09 11:51:38 [Info] [3060] suit legal version, enable cpu control
2026-03-09 11:51:38 [Info] [3060] get AssignProcessToJobObject handle [00000478]
2026-03-09 11:51:38 [Info] [3060] Set setJobExtended.
2026-03-09 11:51:38 [Info] [3060] Set cpu [9%]
2026-03-09 11:51:38 [Info] [3060] Set cpu success
2026-03-09 11:51:38 [Info] [3060] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-09 11:51:38 [Info] [3060] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-09 11:51:38 [Info] [3060] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:51:38 [Info] [3060] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:51:38 [Info] [3060] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0
2026-03-09 11:51:38 [Info] [3060] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5
2026-03-09 11:51:38 [Info] [3060] Prepare stage1: --tcp-connect-check
2026-03-09 11:51:38 [Info] [3060] Prepare stage2
2026-03-09 11:51:42 [Info] [3060] stage3: --tcp-connect-check
2026-03-09 11:51:42 [Info] [3060] Loader after check
2026-03-09 11:51:43 [Info] [3060] Enter reuse wait state.
2026-03-09 11:51:47 [Info] [3060] recvmsg: EXIT
2026-03-09 11:51:47 [Info] [3060] Recv Exit Msg, Exit...
2026-03-09 11:58:02 [Info] [3864] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 11:58:02 [Info] [3864] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap238401773028662 
2026-03-09 11:58:02 [Info] [3864] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 11:58:02 [Info] [3864] Resource monitor start
2026-03-09 11:58:02 [Info] [3864] ipc client init success
2026-03-09 11:58:02 [Info] [3864] Ipc init: 0
2026-03-09 11:58:02 [Info] [3864] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 11:58:02 [Info] [3864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 11:58:02 [Info] [3864] start ipc thread id[4496]
2026-03-09 11:58:02 [Info] [3864] Connect Yundun ipc server return state is 0
2026-03-09 11:58:02 [Info] [3864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 11:58:05 [Info] [3864] CResourceMonitor::run Enter
2026-03-09 11:58:05 [Info] [3864] CIpcMsgHandlerMgr::run Enter
2026-03-09 11:58:05 [Info] [3864] yundun connected
2026-03-09 11:58:05 [Info] [3864] Report thread
2026-03-09 11:58:05 [Info] [3864] Monitor thread
2026-03-09 11:58:05 [Info] [3864] Loader thread
2026-03-09 11:58:05 [Info] [3864] PythonEngineImpl Init...
2026-03-09 11:58:05 [Info] [3864] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-09 11:58:05 [Info] [3864] recvmsg: HELLO
2026-03-09 11:58:06 [Info] [3864] recvmsg: WORK
2026-03-09 11:58:06 [Info] [3864] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:58:06 [Info] [3864] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 11:58:06 [Info] [3864] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:58:06 [Info] [3864] log fd cnt is [250], real fd cnt is [274]
2026-03-09 11:58:07 [Info] [3864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:58:07 [Info] [3864] log memory size is 20480KB, real memory size is 14344KB
2026-03-09 11:58:07 [Info] [3864] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 11:58:07 [Info] [3864] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 11:58:08 [Info] [3864] item: --windows-sysinfoext-check
2026-03-09 11:58:08 [Info] [3864] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 11:58:08 [Info] [3864] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 11:58:08 [Info] [3864] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 11:58:08 [Info] [3864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 11:58:08 [Info] [3864] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-09 11:58:08 [Info] [3864] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 11:58:09 [Info] [3864] Prepare stage1: --windows-sysinfoext-check
2026-03-09 11:58:09 [Info] [3864] Prepare stage2
2026-03-09 11:58:11 [Info] [3864] log memory size is 30720KB, real memory size is 22724KB
2026-03-09 11:58:13 [Info] [3864] stage3: --windows-sysinfoext-check
2026-03-09 11:58:13 [Info] [3864] Loader after check
2026-03-09 11:58:14 [Info] [3864] Enter reuse wait state.
2026-03-09 11:58:18 [Info] [3864] recvmsg: EXIT
2026-03-09 11:58:18 [Info] [3864] Recv Exit Msg, Exit...
2026-03-09 17:26:39 [Info] [3316] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 17:26:39 [Info] [3316] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap227241773048389 
2026-03-09 17:26:39 [Info] [3316] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 17:26:39 [Info] [3316] Resource monitor start
2026-03-09 17:26:39 [Info] [3316] ipc client init success
2026-03-09 17:26:39 [Info] [3316] Ipc init: 0
2026-03-09 17:26:39 [Info] [3316] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 17:26:39 [Info] [3316] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 17:26:39 [Info] [3316] start ipc thread id[168]
2026-03-09 17:26:39 [Info] [3316] Connect Yundun ipc server return state is 0
2026-03-09 17:26:39 [Info] [3316] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 17:26:39 [Info] [3316] CResourceMonitor::run Enter
2026-03-09 17:26:39 [Info] [3316] CIpcMsgHandlerMgr::run Enter
2026-03-09 17:26:39 [Info] [3316] Report thread
2026-03-09 17:26:39 [Info] [3316] Monitor thread
2026-03-09 17:26:39 [Info] [3316] Loader thread
2026-03-09 17:26:39 [Info] [3316] PythonEngineImpl Init...
2026-03-09 17:26:44 [Info] [3316] yundun connected
2026-03-09 17:26:45 [Info] [3316] log fd cnt is [250], real fd cnt is [261]
2026-03-09 17:26:45 [Info] [3316] recvmsg: HELLO
2026-03-09 17:26:45 [Info] [3316] recvmsg: WORK
2026-03-09 17:26:46 [Info] [3316] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 17:26:46 [Info] [3316] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 17:26:46 [Info] [3316] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 17:26:47 [Info] [3316] log memory size is 20480KB, real memory size is 12940KB
2026-03-09 17:27:05 [Warn] [3316] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 17:27:15 [Warn] [3316] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 17:27:25 [Warn] [3316] http request fail : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-09 17:27:25 [Info] [3316] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 17:27:25 [Info] [3316] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 17:27:25 [Info] [3316] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 17:27:27 [Info] [3316] item: --windows-sysinfoext-check
2026-03-09 17:27:27 [Info] [3316] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 17:27:27 [Info] [3316] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 17:27:27 [Info] [3316] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 17:27:27 [Info] [3316] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 17:27:27 [Info] [3316] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-09 17:27:27 [Info] [3316] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 17:27:27 [Info] [3316] Prepare stage1: --windows-sysinfoext-check
2026-03-09 17:27:27 [Info] [3316] Prepare stage2
2026-03-09 17:27:28 [Warn] [3316] high cpu, cpu is 14
2026-03-09 17:27:28 [Info] [3316] try get sys version
2026-03-09 17:27:28 [Info] [3316] win sys info:2/10:0:3
2026-03-09 17:27:28 [Info] [3316] suit legal version, enable cpu control
2026-03-09 17:27:28 [Warn] [3316] High CPU Warning: 14
2026-03-09 17:27:28 [Warn] [3316] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:dynamic.py line: 406 in func: _LazyAddAttr_
File:dynamic.py line: 388 in func: __LazyMap__
File:dynamic.py line: 493 in func: __getattr__
File:wmi.py line: 492 in func: __init__
File:wmi.py line: 1009 in func: query
File:wmi.py line: 817 in func: query
File:windows-sysinfoext-check.py line: 25 in func: GetSysOsVersion
File:windows-sysinfoext-check.py line: 168 in func: check
File:windows-sysinfoext-check.py line: 143 in func: main
File:windows-sysinfoext-check.py line: 200 in func: start
2026-03-09 17:27:29 [Info] [3316] stage3: --windows-sysinfoext-check
2026-03-09 17:27:29 [Info] [3316] Loader after check
2026-03-09 17:27:30 [Warn] [3316] high cpu, cpu is 15
2026-03-09 17:27:30 [Warn] [3316] High CPU Warning: 15
2026-03-09 17:27:30 [Info] [3316] Enter reuse wait state.
2026-03-09 17:27:31 [Info] [3316] log memory size is 30720KB, real memory size is 23008KB
2026-03-09 17:27:33 [Info] [3316] recvmsg: EXIT
2026-03-09 17:27:33 [Info] [3316] Recv Exit Msg, Exit...
2026-03-09 19:28:13 [Info] [5116] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 19:28:13 [Info] [5116] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap138081773055693 
2026-03-09 19:28:13 [Info] [5116] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 19:28:13 [Info] [5116] Resource monitor start
2026-03-09 19:28:13 [Info] [5116] ipc client init success
2026-03-09 19:28:13 [Info] [5116] Ipc init: 0
2026-03-09 19:28:13 [Info] [5116] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 19:28:13 [Info] [5116] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 19:28:13 [Info] [5116] start ipc thread id[4456]
2026-03-09 19:28:13 [Info] [5116] Connect Yundun ipc server return state is 0
2026-03-09 19:28:13 [Info] [5116] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 19:28:13 [Info] [5116] CResourceMonitor::run Enter
2026-03-09 19:28:13 [Info] [5116] CIpcMsgHandlerMgr::run Enter
2026-03-09 19:28:13 [Info] [5116] Report thread
2026-03-09 19:28:13 [Info] [5116] Monitor thread
2026-03-09 19:28:13 [Info] [5116] Loader thread
2026-03-09 19:28:13 [Info] [5116] PythonEngineImpl Init...
2026-03-09 19:28:13 [Info] [5116] yundun connected
2026-03-09 19:28:13 [Info] [5116] recvmsg: HELLO
2026-03-09 19:28:13 [Info] [5116] recvmsg: WORK
2026-03-09 19:28:13 [Info] [5116] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 19:28:13 [Info] [5116] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 19:28:13 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 19:28:14 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 19:28:14 [Info] [5116] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 19:28:14 [Info] [5116] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 19:28:14 [Info] [5116] log fd cnt is [250], real fd cnt is [281]
2026-03-09 19:28:15 [Info] [5116] log memory size is 20480KB, real memory size is 14536KB
2026-03-09 19:28:15 [Info] [5116] item: --secnet_rasp_agent
2026-03-09 19:28:15 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-09 19:28:15 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py
2026-03-09 19:28:15 [Info] [5116] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py
2026-03-09 19:28:15 [Info] [5116] Download redirect files success.
2026-03-09 19:28:15 [Info] [5116] Prepare stage1: --secnet_rasp_agent
2026-03-09 19:28:15 [Info] [5116] Prepare stage2
2026-03-09 19:28:16 [Warn] [5116] high cpu, cpu is 12
2026-03-09 19:28:16 [Info] [5116] try get sys version
2026-03-09 19:28:16 [Info] [5116] win sys info:2/10:0:3
2026-03-09 19:28:16 [Info] [5116] suit legal version, enable cpu control
2026-03-09 19:28:16 [Warn] [5116] High CPU Warning: 12
2026-03-09 19:28:16 [Info] [5116] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-09 19:28:16 [Info] [5116] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-09 19:28:16 [Info] [5116] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 19:28:16 [Warn] [5116] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:subprocess.py line: 125 in func: _eintr_retry_call
File:subprocess.py line: 475 in func: communicate
File:subprocess.py line: 217 in func: check_output
File:secnet_rasp_agent_lib.py line: 55 in func: read_host_uuid
File:secnet_rasp_agent.py line: 218 in func: main
File:secnet_rasp_agent.py line: 240 in func: start
2026-03-09 19:28:16 [Info] [5116] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 19:28:16 [Info] [5116] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0
2026-03-09 19:28:16 [Info] [5116] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-09 19:28:16 [Info] [5116] stage3: --secnet_rasp_agent
2026-03-09 19:28:16 [Info] [5116] Loader after check
2026-03-09 19:28:17 [Info] [5116] Enter reuse wait state.
2026-03-09 19:28:19 [Info] [5116] log memory size is 30720KB, real memory size is 21152KB
2026-03-09 19:28:20 [Info] [5116] recvmsg: EXIT
2026-03-09 19:28:20 [Info] [5116] Recv Exit Msg, Exit...
2026-03-09 22:55:36 [Info] [92] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-09 22:55:36 [Info] [92] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap216341773068124 
2026-03-09 22:55:36 [Info] [92] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-09 22:55:36 [Info] [92] Resource monitor start
2026-03-09 22:55:36 [Info] [92] ipc client init success
2026-03-09 22:55:36 [Info] [92] Ipc init: 0
2026-03-09 22:55:36 [Info] [92] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-09 22:55:36 [Info] [92] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-09 22:55:36 [Info] [92] start ipc thread id[1312]
2026-03-09 22:55:36 [Info] [92] Connect Yundun ipc server return state is 0
2026-03-09 22:55:36 [Info] [92] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-09 22:55:36 [Info] [92] CResourceMonitor::run Enter
2026-03-09 22:55:36 [Info] [92] CIpcMsgHandlerMgr::run Enter
2026-03-09 22:55:36 [Info] [92] Report thread
2026-03-09 22:55:36 [Info] [92] Monitor thread
2026-03-09 22:55:36 [Info] [92] Loader thread
2026-03-09 22:55:36 [Info] [92] PythonEngineImpl Init...
2026-03-09 22:55:41 [Info] [92] yundun connected
2026-03-09 22:55:41 [Info] [92] recvmsg: HELLO
2026-03-09 22:55:41 [Info] [92] recvmsg: WORK
2026-03-09 22:55:41 [Info] [92] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 22:55:41 [Info] [92] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-09 22:55:41 [Info] [92] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 22:55:42 [Info] [92] log fd cnt is [250], real fd cnt is [264]
2026-03-09 22:55:43 [Info] [92] log memory size is 20480KB, real memory size is 12944KB
2026-03-09 22:55:50 [Info] [92] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 22:55:51 [Info] [92] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-09 22:55:51 [Info] [92] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-09 22:55:52 [Info] [92] item: --windows-sysinfoext-check
2026-03-09 22:55:52 [Info] [92] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 22:55:52 [Info] [92] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 22:55:52 [Info] [92] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-09 22:55:52 [Info] [92] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-09 22:55:52 [Info] [92] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-09 22:55:52 [Info] [92] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-09 22:55:52 [Info] [92] Prepare stage1: --windows-sysinfoext-check
2026-03-09 22:55:52 [Info] [92] Prepare stage2
2026-03-09 22:55:54 [Info] [92] stage3: --windows-sysinfoext-check
2026-03-09 22:55:54 [Info] [92] Loader after check
2026-03-09 22:55:54 [Warn] [92] high cpu, cpu is 12
2026-03-09 22:55:54 [Info] [92] try get sys version
2026-03-09 22:55:54 [Info] [92] win sys info:2/10:0:3
2026-03-09 22:55:54 [Info] [92] suit legal version, enable cpu control
2026-03-09 22:55:54 [Warn] [92] High CPU Warning: 12
2026-03-09 22:55:54 [Warn] [92] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-09 22:55:55 [Info] [92] Enter reuse wait state.
2026-03-09 22:55:55 [Info] [92] log memory size is 30720KB, real memory size is 22988KB
2026-03-09 22:56:00 [Info] [92] recvmsg: EXIT
2026-03-09 22:56:00 [Info] [92] Recv Exit Msg, Exit...
2026-03-16 00:00:50 [Info] [3188] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 00:00:50 [Info] [3188] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap233231773590428 
2026-03-16 00:00:50 [Info] [3188] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 00:00:50 [Info] [3188] Resource monitor start
2026-03-16 00:00:50 [Info] [3188] ipc client init success
2026-03-16 00:00:50 [Info] [3188] Ipc init: 0
2026-03-16 00:00:50 [Info] [3188] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 00:00:50 [Info] [3188] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 00:00:50 [Info] [3188] start ipc thread id[5620]
2026-03-16 00:00:50 [Info] [3188] Connect Yundun ipc server return state is 0
2026-03-16 00:00:50 [Info] [3188] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 00:00:54 [Info] [3188] CResourceMonitor::run Enter
2026-03-16 00:00:54 [Info] [3188] CIpcMsgHandlerMgr::run Enter
2026-03-16 00:00:54 [Info] [3188] yundun connected
2026-03-16 00:00:54 [Info] [3188] Report thread
2026-03-16 00:00:54 [Info] [3188] Monitor thread
2026-03-16 00:00:54 [Info] [3188] Loader thread
2026-03-16 00:00:54 [Info] [3188] PythonEngineImpl Init...
2026-03-16 00:00:55 [Info] [3188] recvmsg: HELLO
2026-03-16 00:00:55 [Info] [3188] log fd cnt is [250], real fd cnt is [263]
2026-03-16 00:00:55 [Info] [3188] recvmsg: WORK
2026-03-16 00:00:56 [Info] [3188] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 00:00:56 [Info] [3188] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 00:00:56 [Info] [3188] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 00:00:56 [Info] [3188] log memory size is 20480KB, real memory size is 13588KB
2026-03-16 00:00:57 [Info] [3188] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 00:00:57 [Info] [3188] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 00:00:57 [Info] [3188] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 00:00:58 [Info] [3188] item: --windows-sysinfoext-check
2026-03-16 00:00:58 [Info] [3188] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 00:00:58 [Info] [3188] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 00:00:58 [Info] [3188] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 00:00:58 [Info] [3188] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 00:00:59 [Info] [3188] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-16 00:00:59 [Info] [3188] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 00:00:59 [Info] [3188] Prepare stage1: --windows-sysinfoext-check
2026-03-16 00:00:59 [Info] [3188] Prepare stage2
2026-03-16 00:00:59 [Warn] [3188] high cpu, cpu is 20
2026-03-16 00:00:59 [Info] [3188] try get sys version
2026-03-16 00:00:59 [Info] [3188] win sys info:2/10:0:3
2026-03-16 00:00:59 [Info] [3188] suit legal version, enable cpu control
2026-03-16 00:00:59 [Warn] [3188] High CPU Warning: 20
2026-03-16 00:01:00 [Warn] [3188] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
2026-03-16 00:01:00 [Info] [3188] stage3: --windows-sysinfoext-check
2026-03-16 00:01:00 [Info] [3188] Loader after check
2026-03-16 00:01:01 [Info] [3188] log memory size is 30720KB, real memory size is 23072KB
2026-03-16 00:01:01 [Info] [3188] Enter reuse wait state.
2026-03-16 00:01:06 [Info] [3188] recvmsg: EXIT
2026-03-16 00:01:06 [Info] [3188] Recv Exit Msg, Exit...
2026-03-16 05:29:29 [Info] [3968] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 05:29:29 [Info] [3968] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap222071773610155 
2026-03-16 05:29:29 [Info] [3968] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 05:29:29 [Info] [3968] Resource monitor start
2026-03-16 05:29:29 [Info] [3968] ipc client init success
2026-03-16 05:29:29 [Info] [3968] Ipc init: 0
2026-03-16 05:29:29 [Info] [3968] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 05:29:29 [Info] [3968] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 05:29:29 [Info] [3968] start ipc thread id[5940]
2026-03-16 05:29:29 [Info] [3968] Connect Yundun ipc server return state is 0
2026-03-16 05:29:29 [Info] [3968] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 05:29:29 [Info] [3968] CResourceMonitor::run Enter
2026-03-16 05:29:29 [Info] [3968] CIpcMsgHandlerMgr::run Enter
2026-03-16 05:29:29 [Info] [3968] yundun connected
2026-03-16 05:29:29 [Info] [3968] Report thread
2026-03-16 05:29:29 [Info] [3968] Monitor thread
2026-03-16 05:29:29 [Info] [3968] Loader thread
2026-03-16 05:29:29 [Info] [3968] PythonEngineImpl Init...
2026-03-16 05:29:37 [Info] [3968] log fd cnt is [250], real fd cnt is [261]
2026-03-16 05:29:37 [Info] [3968] recvmsg: HELLO
2026-03-16 05:29:37 [Info] [3968] recvmsg: WORK
2026-03-16 05:29:37 [Info] [3968] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 05:29:37 [Info] [3968] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 05:29:37 [Info] [3968] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 05:29:38 [Info] [3968] log memory size is 20480KB, real memory size is 13136KB
2026-03-16 05:29:45 [Info] [3968] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 05:29:45 [Info] [3968] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 05:29:45 [Info] [3968] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 05:29:46 [Info] [3968] item: --windows-sysinfoext-check
2026-03-16 05:29:46 [Info] [3968] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 05:29:46 [Info] [3968] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 05:29:46 [Info] [3968] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 05:29:46 [Info] [3968] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 05:29:46 [Info] [3968] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-16 05:29:46 [Info] [3968] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 05:29:46 [Info] [3968] Prepare stage1: --windows-sysinfoext-check
2026-03-16 05:29:46 [Info] [3968] Prepare stage2
2026-03-16 05:29:47 [Warn] [3968] high cpu, cpu is 18
2026-03-16 05:29:47 [Info] [3968] try get sys version
2026-03-16 05:29:47 [Info] [3968] win sys info:2/10:0:3
2026-03-16 05:29:47 [Info] [3968] suit legal version, enable cpu control
2026-03-16 05:29:47 [Warn] [3968] High CPU Warning: 18
2026-03-16 05:29:48 [Warn] [3968] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
2026-03-16 05:29:48 [Info] [3968] stage3: --windows-sysinfoext-check
2026-03-16 05:29:48 [Info] [3968] Loader after check
2026-03-16 05:29:49 [Info] [3968] Enter reuse wait state.
2026-03-16 05:29:50 [Info] [3968] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-16 05:29:51 [Info] [3968] log memory size is 30720KB, real memory size is 23200KB
2026-03-16 05:29:53 [Info] [3968] recvmsg: EXIT
2026-03-16 05:29:53 [Info] [3968] Recv Exit Msg, Exit...
2026-03-16 06:01:45 [Info] [5296] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 06:01:45 [Info] [5296] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap285751773612105 
2026-03-16 06:01:45 [Info] [5296] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 06:01:45 [Info] [5296] Resource monitor start
2026-03-16 06:01:45 [Info] [5296] ipc client init success
2026-03-16 06:01:45 [Info] [5296] Ipc init: 0
2026-03-16 06:01:45 [Info] [5296] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 06:01:45 [Info] [5296] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 06:01:45 [Info] [5296] start ipc thread id[4572]
2026-03-16 06:01:45 [Info] [5296] Connect Yundun ipc server return state is 0
2026-03-16 06:01:45 [Info] [5296] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 06:01:45 [Info] [5296] CResourceMonitor::run Enter
2026-03-16 06:01:45 [Info] [5296] CIpcMsgHandlerMgr::run Enter
2026-03-16 06:01:45 [Info] [5296] Report thread
2026-03-16 06:01:45 [Info] [5296] Monitor thread
2026-03-16 06:01:45 [Info] [5296] Loader thread
2026-03-16 06:01:45 [Info] [5296] PythonEngineImpl Init...
2026-03-16 06:01:45 [Info] [5296] yundun connected
2026-03-16 06:01:46 [Info] [5296] recvmsg: HELLO
2026-03-16 06:01:46 [Info] [5296] recvmsg: WORK
2026-03-16 06:01:46 [Info] [5296] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 06:01:46 [Info] [5296] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 06:01:46 [Info] [5296] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 06:01:46 [Info] [5296] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 06:01:46 [Info] [5296] log fd cnt is [250], real fd cnt is [282]
2026-03-16 06:01:46 [Info] [5296] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 06:01:46 [Info] [5296] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 06:01:47 [Info] [5296] log memory size is 20480KB, real memory size is 14800KB
2026-03-16 06:01:48 [Info] [5296] item: --sca
2026-03-16 06:01:48 [Info] [5296] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-16 06:01:48 [Info] [5296] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/version.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_utils.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_common_proc.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_java_proc.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_node_proc.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_webcontainer_proc.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_business_type.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_python_proc.py
2026-03-16 06:01:48 [Info] [5296] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/sca_poc_vul_scan.py
2026-03-16 06:01:48 [Info] [5296] Download redirect files success.
2026-03-16 06:01:48 [Info] [5296] Prepare stage1: --sca
2026-03-16 06:01:48 [Info] [5296] Prepare stage2
2026-03-16 06:01:51 [Info] [5296] log memory size is 30720KB, real memory size is 33048KB
2026-03-16 06:01:55 [Info] [5296] log memory size is 40960KB, real memory size is 33752KB
2026-03-16 06:02:45 [Info] [5296] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-16 06:02:52 [Info] [5296] log fd cnt is [300], real fd cnt is [375]
2026-03-16 06:02:57 [Info] [5296] stage3: --sca
2026-03-16 06:02:57 [Info] [5296] Loader after check
2026-03-16 06:02:58 [Info] [5296] Enter reuse wait state.
2026-03-16 06:03:01 [Info] [5296] recvmsg: EXIT
2026-03-16 06:03:01 [Info] [5296] Recv Exit Msg, Exit...
2026-03-16 07:55:27 [Info] [5732] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 07:55:27 [Info] [5732] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap180851773618927 
2026-03-16 07:55:27 [Info] [5732] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 07:55:27 [Info] [5732] Resource monitor start
2026-03-16 07:55:27 [Info] [5732] ipc client init success
2026-03-16 07:55:27 [Info] [5732] Ipc init: 0
2026-03-16 07:55:27 [Info] [5732] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 07:55:27 [Info] [5732] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 07:55:27 [Info] [5732] start ipc thread id[2404]
2026-03-16 07:55:27 [Info] [5732] Connect Yundun ipc server return state is 0
2026-03-16 07:55:27 [Info] [5732] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 07:55:27 [Info] [5732] CResourceMonitor::run Enter
2026-03-16 07:55:27 [Info] [5732] CIpcMsgHandlerMgr::run Enter
2026-03-16 07:55:27 [Info] [5732] Report thread
2026-03-16 07:55:27 [Info] [5732] Monitor thread
2026-03-16 07:55:27 [Info] [5732] Loader thread
2026-03-16 07:55:27 [Info] [5732] PythonEngineImpl Init...
2026-03-16 07:55:27 [Info] [5732] yundun connected
2026-03-16 07:55:27 [Info] [5732] recvmsg: HELLO
2026-03-16 07:55:27 [Info] [5732] recvmsg: WORK
2026-03-16 07:55:27 [Info] [5732] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 07:55:27 [Info] [5732] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 07:55:27 [Info] [5732] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 07:55:27 [Info] [5732] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 07:55:28 [Info] [5732] log fd cnt is [250], real fd cnt is [282]
2026-03-16 07:55:28 [Info] [5732] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 07:55:28 [Info] [5732] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 07:55:29 [Info] [5732] log memory size is 20480KB, real memory size is 14736KB
2026-03-16 07:55:29 [Info] [5732] item: --windows-vul-clean
2026-03-16 07:55:29 [Info] [5732] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-16 07:55:29 [Info] [5732] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-vul-clean.py.md5
2026-03-16 07:55:29 [Info] [5732] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 07:55:29 [Info] [5732] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 07:55:29 [Info] [5732] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5, http code : 200, curl ret : 0
2026-03-16 07:55:29 [Info] [5732] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-vul-clean.py.md5
2026-03-16 07:55:29 [Info] [5732] Prepare stage1: --windows-vul-clean
2026-03-16 07:55:29 [Info] [5732] Prepare stage2
2026-03-16 07:55:29 [Info] [5732] stage3: --windows-vul-clean
2026-03-16 07:55:29 [Info] [5732] Loader after check
2026-03-16 07:55:30 [Info] [5732] Enter reuse wait state.
2026-03-16 07:55:34 [Info] [5732] recvmsg: EXIT
2026-03-16 07:55:34 [Info] [5732] Recv Exit Msg, Exit...
2026-03-16 08:55:02 [Info] [3148] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 08:55:02 [Info] [3148] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap297591773622502 
2026-03-16 08:55:02 [Info] [3148] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 08:55:02 [Info] [3148] Resource monitor start
2026-03-16 08:55:02 [Info] [3148] ipc client init success
2026-03-16 08:55:02 [Info] [3148] Ipc init: 0
2026-03-16 08:55:02 [Info] [3148] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 08:55:02 [Info] [3148] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 08:55:02 [Info] [3148] start ipc thread id[700]
2026-03-16 08:55:02 [Info] [3148] Connect Yundun ipc server return state is 0
2026-03-16 08:55:02 [Info] [3148] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 08:55:02 [Info] [3148] CResourceMonitor::run Enter
2026-03-16 08:55:02 [Info] [3148] CIpcMsgHandlerMgr::run Enter
2026-03-16 08:55:02 [Info] [3148] Report thread
2026-03-16 08:55:02 [Info] [3148] Monitor thread
2026-03-16 08:55:02 [Info] [3148] Loader thread
2026-03-16 08:55:02 [Info] [3148] PythonEngineImpl Init...
2026-03-16 08:55:03 [Info] [3148] yundun connected
2026-03-16 08:55:03 [Info] [3148] recvmsg: HELLO
2026-03-16 08:55:03 [Info] [3148] recvmsg: WORK
2026-03-16 08:55:03 [Info] [3148] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 08:55:03 [Info] [3148] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 08:55:03 [Info] [3148] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 08:55:03 [Info] [3148] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 08:55:03 [Info] [3148] log fd cnt is [250], real fd cnt is [282]
2026-03-16 08:55:04 [Info] [3148] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 08:55:04 [Info] [3148] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 08:55:04 [Info] [3148] log memory size is 20480KB, real memory size is 14736KB
2026-03-16 08:55:05 [Info] [3148] item: --windows-process-check
2026-03-16 08:55:05 [Info] [3148] cgroup name aegisRtap0
2026-03-16 08:55:05 [Info] [3148] try get sys version
2026-03-16 08:55:05 [Info] [3148] win sys info:2/10:0:3
2026-03-16 08:55:05 [Info] [3148] suit legal version, enable cpu control
2026-03-16 08:55:05 [Info] [3148] get AssignProcessToJobObject handle [00000478]
2026-03-16 08:55:05 [Info] [3148] Set setJobExtended.
2026-03-16 08:55:05 [Info] [3148] Set cpu [9%]
2026-03-16 08:55:05 [Info] [3148] Set cpu success
2026-03-16 08:55:05 [Info] [3148] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-16 08:55:05 [Info] [3148] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-process-check.py.md5
2026-03-16 08:55:05 [Info] [3148] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 08:55:05 [Info] [3148] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 08:55:05 [Info] [3148] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5, http code : 200, curl ret : 0
2026-03-16 08:55:05 [Info] [3148] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-process-check.py.md5
2026-03-16 08:55:05 [Info] [3148] Prepare stage1: --windows-process-check
2026-03-16 08:55:05 [Info] [3148] Prepare stage2
2026-03-16 08:55:09 [Info] [3148] log memory size is 30720KB, real memory size is 20668KB
2026-03-16 08:55:23 [Info] [3148] stage3: --windows-process-check
2026-03-16 08:55:23 [Info] [3148] Loader after check
2026-03-16 08:55:24 [Info] [3148] Enter reuse wait state.
2026-03-16 08:55:26 [Info] [3148] recvmsg: EXIT
2026-03-16 08:55:26 [Info] [3148] Recv Exit Msg, Exit...
2026-03-16 10:34:13 [Info] [3192] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 10:34:13 [Info] [3192] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap164251773628453 
2026-03-16 10:34:13 [Info] [3192] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 10:34:13 [Info] [3192] Resource monitor start
2026-03-16 10:34:13 [Info] [3192] ipc client init success
2026-03-16 10:34:13 [Info] [3192] Ipc init: 0
2026-03-16 10:34:13 [Info] [3192] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 10:34:13 [Info] [3192] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 10:34:13 [Info] [3192] start ipc thread id[5144]
2026-03-16 10:34:13 [Info] [3192] Connect Yundun ipc server return state is 0
2026-03-16 10:34:13 [Info] [3192] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 10:34:13 [Info] [3192] CResourceMonitor::run Enter
2026-03-16 10:34:13 [Info] [3192] CIpcMsgHandlerMgr::run Enter
2026-03-16 10:34:13 [Info] [3192] Report thread
2026-03-16 10:34:13 [Info] [3192] Monitor thread
2026-03-16 10:34:13 [Info] [3192] Loader thread
2026-03-16 10:34:13 [Info] [3192] PythonEngineImpl Init...
2026-03-16 10:34:13 [Info] [3192] yundun connected
2026-03-16 10:34:13 [Info] [3192] recvmsg: HELLO
2026-03-16 10:34:13 [Info] [3192] recvmsg: WORK
2026-03-16 10:34:13 [Info] [3192] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:34:13 [Info] [3192] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:34:13 [Info] [3192] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:34:14 [Info] [3192] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:34:14 [Info] [3192] log fd cnt is [250], real fd cnt is [282]
2026-03-16 10:34:14 [Info] [3192] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 10:34:14 [Info] [3192] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 10:34:15 [Info] [3192] log memory size is 20480KB, real memory size is 14736KB
2026-03-16 10:34:15 [Info] [3192] item: --windows-driver-version-check
2026-03-16 10:34:15 [Info] [3192] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-16 10:34:15 [Info] [3192] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-driver-version-check.py.md5
2026-03-16 10:34:15 [Info] [3192] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:34:15 [Info] [3192] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:34:15 [Info] [3192] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5, http code : 200, curl ret : 0
2026-03-16 10:34:15 [Info] [3192] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-driver-version-check.py.md5
2026-03-16 10:34:15 [Info] [3192] Prepare stage1: --windows-driver-version-check
2026-03-16 10:34:15 [Info] [3192] Prepare stage2
2026-03-16 10:34:16 [Info] [3192] stage3: --windows-driver-version-check
2026-03-16 10:34:16 [Info] [3192] Loader after check
2026-03-16 10:34:17 [Info] [3192] Enter reuse wait state.
2026-03-16 10:34:20 [Info] [3192] recvmsg: EXIT
2026-03-16 10:34:20 [Info] [3192] Recv Exit Msg, Exit...
2026-03-16 10:43:54 [Info] [6028] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 10:43:54 [Info] [6028] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap183221773629034 
2026-03-16 10:43:54 [Info] [6028] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 10:43:54 [Info] [6028] Resource monitor start
2026-03-16 10:43:54 [Info] [6028] ipc client init success
2026-03-16 10:43:54 [Info] [6028] Ipc init: 0
2026-03-16 10:43:54 [Info] [6028] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 10:43:54 [Info] [6028] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 10:43:54 [Info] [6028] start ipc thread id[2128]
2026-03-16 10:43:54 [Info] [6028] Connect Yundun ipc server return state is 0
2026-03-16 10:43:54 [Info] [6028] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 10:43:54 [Info] [6028] CResourceMonitor::run Enter
2026-03-16 10:43:54 [Info] [6028] CIpcMsgHandlerMgr::run Enter
2026-03-16 10:43:54 [Info] [6028] Report thread
2026-03-16 10:43:54 [Info] [6028] Monitor thread
2026-03-16 10:43:54 [Info] [6028] Loader thread
2026-03-16 10:43:54 [Info] [6028] PythonEngineImpl Init...
2026-03-16 10:43:54 [Info] [6028] yundun connected
2026-03-16 10:43:55 [Info] [6028] recvmsg: HELLO
2026-03-16 10:43:55 [Info] [6028] recvmsg: WORK
2026-03-16 10:43:55 [Info] [6028] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:43:55 [Info] [6028] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:43:55 [Info] [6028] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:43:55 [Info] [6028] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:43:55 [Info] [6028] log fd cnt is [250], real fd cnt is [282]
2026-03-16 10:43:56 [Info] [6028] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 10:43:56 [Info] [6028] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 10:43:56 [Info] [6028] log memory size is 20480KB, real memory size is 14808KB
2026-03-16 10:43:57 [Info] [6028] item: --windows-registry-check
2026-03-16 10:43:57 [Info] [6028] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-16 10:43:57 [Info] [6028] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-registry-check.py.md5
2026-03-16 10:43:57 [Info] [6028] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:43:57 [Info] [6028] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:43:57 [Info] [6028] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5, http code : 200, curl ret : 0
2026-03-16 10:43:57 [Info] [6028] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-registry-check.py.md5
2026-03-16 10:43:57 [Info] [6028] Prepare stage1: --windows-registry-check
2026-03-16 10:43:57 [Info] [6028] Prepare stage2
2026-03-16 10:44:25 [Info] [6028] stage3: --windows-registry-check
2026-03-16 10:44:25 [Info] [6028] Loader after check
2026-03-16 10:44:26 [Info] [6028] Enter reuse wait state.
2026-03-16 10:44:30 [Info] [6028] recvmsg: EXIT
2026-03-16 10:44:30 [Info] [6028] Recv Exit Msg, Exit...
2026-03-16 10:44:46 [Info] [1068] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 10:44:46 [Info] [1068] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap184921773629086 
2026-03-16 10:44:46 [Info] [1068] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 10:44:46 [Info] [1068] Resource monitor start
2026-03-16 10:44:46 [Info] [1068] ipc client init success
2026-03-16 10:44:46 [Info] [1068] Ipc init: 0
2026-03-16 10:44:46 [Info] [1068] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 10:44:46 [Info] [1068] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 10:44:46 [Info] [1068] start ipc thread id[2784]
2026-03-16 10:44:46 [Info] [1068] Connect Yundun ipc server return state is 0
2026-03-16 10:44:46 [Info] [1068] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 10:44:46 [Info] [1068] CResourceMonitor::run Enter
2026-03-16 10:44:46 [Info] [1068] CIpcMsgHandlerMgr::run Enter
2026-03-16 10:44:46 [Info] [1068] Report thread
2026-03-16 10:44:46 [Info] [1068] Monitor thread
2026-03-16 10:44:46 [Info] [1068] Loader thread
2026-03-16 10:44:46 [Info] [1068] PythonEngineImpl Init...
2026-03-16 10:44:46 [Info] [1068] yundun connected
2026-03-16 10:44:46 [Info] [1068] recvmsg: HELLO
2026-03-16 10:44:46 [Info] [1068] recvmsg: WORK
2026-03-16 10:44:47 [Info] [1068] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:44:47 [Info] [1068] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:44:47 [Info] [1068] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:44:47 [Info] [1068] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:44:47 [Info] [1068] log fd cnt is [250], real fd cnt is [282]
2026-03-16 10:44:47 [Info] [1068] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 10:44:47 [Info] [1068] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 10:44:48 [Info] [1068] log memory size is 20480KB, real memory size is 14752KB
2026-03-16 10:44:48 [Info] [1068] item: --windows-schedule-task-check
2026-03-16 10:44:48 [Info] [1068] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-16 10:44:48 [Info] [1068] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-schedule-task-check.py.md5
2026-03-16 10:44:48 [Info] [1068] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:44:48 [Info] [1068] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:44:48 [Info] [1068] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5, http code : 200, curl ret : 0
2026-03-16 10:44:48 [Info] [1068] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-schedule-task-check.py.md5
2026-03-16 10:44:48 [Info] [1068] Prepare stage1: --windows-schedule-task-check
2026-03-16 10:44:48 [Info] [1068] Prepare stage2
2026-03-16 10:44:49 [Warn] [1068] high cpu, cpu is 15
2026-03-16 10:44:49 [Info] [1068] try get sys version
2026-03-16 10:44:49 [Info] [1068] win sys info:2/10:0:3
2026-03-16 10:44:49 [Info] [1068] suit legal version, enable cpu control
2026-03-16 10:44:49 [Warn] [1068] High CPU Warning: 15
2026-03-16 10:44:49 [Warn] [1068] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:windows-schedule-task-check.py line: 382 in func: GetScheduleTaskByCom
File:windows-schedule-task-check.py line: 244 in func: GetTasksBySchtasks
File:windows-schedule-task-check.py line: 425 in func: check
File:windows-schedule-task-check.py line: 61 in func: main
File:windows-schedule-task-check.py line: 433 in func: start
2026-03-16 10:44:52 [Info] [1068] log memory size is 30720KB, real memory size is 23488KB
2026-03-16 10:44:53 [Info] [1068] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-16 10:45:20 [Info] [1068] stage3: --windows-schedule-task-check
2026-03-16 10:45:20 [Info] [1068] Loader after check
2026-03-16 10:45:21 [Info] [1068] Enter reuse wait state.
2026-03-16 10:45:26 [Info] [1068] recvmsg: EXIT
2026-03-16 10:45:26 [Info] [1068] Recv Exit Msg, Exit...
2026-03-16 10:59:07 [Info] [4208] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 10:59:07 [Info] [4208] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap213001773629946 
2026-03-16 10:59:07 [Info] [4208] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 10:59:13 [Info] [4208] Resource monitor start
2026-03-16 10:59:13 [Info] [4208] ipc client init success
2026-03-16 10:59:13 [Info] [4208] Ipc init: 0
2026-03-16 10:59:13 [Info] [4208] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 10:59:13 [Info] [4208] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 10:59:14 [Info] [4208] start ipc thread id[132]
2026-03-16 10:59:14 [Info] [4208] Connect Yundun ipc server return state is 0
2026-03-16 10:59:19 [Info] [4208] CIpcMsgHandlerMgr::run Enter
2026-03-16 10:59:19 [Info] [4208] CResourceMonitor::run Enter
2026-03-16 10:59:19 [Info] [4208] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 10:59:20 [Info] [4208] log fd cnt is [250], real fd cnt is [243]
2026-03-16 10:59:22 [Info] [4208] Monitor thread
2026-03-16 10:59:22 [Info] [4208] Report thread
2026-03-16 10:59:22 [Info] [4208] yundun connected
2026-03-16 10:59:22 [Info] [4208] recvmsg: HELLO
2026-03-16 10:59:22 [Info] [4208] recvmsg: WORK
2026-03-16 10:59:23 [Info] [4208] Loader thread
2026-03-16 10:59:23 [Info] [4208] PythonEngineImpl Init...
2026-03-16 10:59:23 [Info] [4208] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:59:23 [Info] [4208] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 10:59:23 [Info] [4208] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:59:24 [Info] [4208] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-16 10:59:25 [Info] [4208] log memory size is 20480KB, real memory size is 13124KB
2026-03-16 10:59:34 [Warn] [4208] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-16 10:59:44 [Warn] [4208] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-16 10:59:44 [Info] [4208] http request success : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:59:44 [Info] [4208] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 10:59:44 [Info] [4208] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 10:59:45 [Info] [4208] item: --windows-sysinfoext-check
2026-03-16 10:59:45 [Info] [4208] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 10:59:45 [Info] [4208] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 10:59:45 [Info] [4208] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 10:59:46 [Info] [4208] http request success : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 10:59:46 [Info] [4208] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-16 10:59:46 [Info] [4208] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 10:59:46 [Info] [4208] Prepare stage1: --windows-sysinfoext-check
2026-03-16 10:59:46 [Info] [4208] Prepare stage2
2026-03-16 10:59:48 [Info] [4208] stage3: --windows-sysinfoext-check
2026-03-16 10:59:48 [Info] [4208] Loader after check
2026-03-16 10:59:48 [Warn] [4208] high cpu, cpu is 12
2026-03-16 10:59:48 [Info] [4208] try get sys version
2026-03-16 10:59:48 [Info] [4208] win sys info:2/10:0:3
2026-03-16 10:59:48 [Info] [4208] suit legal version, enable cpu control
2026-03-16 10:59:48 [Warn] [4208] High CPU Warning: 12
2026-03-16 10:59:48 [Warn] [4208] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-16 10:59:49 [Info] [4208] Enter reuse wait state.
2026-03-16 10:59:49 [Info] [4208] log memory size is 30720KB, real memory size is 23212KB
2026-03-16 10:59:52 [Info] [4208] recvmsg: EXIT
2026-03-16 10:59:52 [Info] [4208] Recv Exit Msg, Exit...
2026-03-16 11:15:57 [Info] [4448] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 11:15:57 [Info] [4448] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap245981773630956 
2026-03-16 11:15:57 [Info] [4448] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 11:15:57 [Info] [4448] Resource monitor start
2026-03-16 11:15:57 [Info] [4448] ipc client init success
2026-03-16 11:15:57 [Info] [4448] Ipc init: 0
2026-03-16 11:15:57 [Info] [4448] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 11:15:57 [Info] [4448] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 11:15:57 [Info] [4448] start ipc thread id[2504]
2026-03-16 11:15:57 [Info] [4448] Connect Yundun ipc server return state is 0
2026-03-16 11:15:57 [Info] [4448] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 11:15:57 [Info] [4448] CResourceMonitor::run Enter
2026-03-16 11:15:57 [Info] [4448] CIpcMsgHandlerMgr::run Enter
2026-03-16 11:15:57 [Info] [4448] Report thread
2026-03-16 11:15:57 [Info] [4448] Monitor thread
2026-03-16 11:15:57 [Info] [4448] Loader thread
2026-03-16 11:15:57 [Info] [4448] PythonEngineImpl Init...
2026-03-16 11:15:57 [Info] [4448] yundun connected
2026-03-16 11:15:57 [Info] [4448] recvmsg: HELLO
2026-03-16 11:15:57 [Info] [4448] recvmsg: WORK
2026-03-16 11:15:57 [Info] [4448] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 11:15:57 [Info] [4448] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 11:15:57 [Info] [4448] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 11:15:58 [Info] [4448] log fd cnt is [250], real fd cnt is [274]
2026-03-16 11:15:59 [Info] [4448] log memory size is 20480KB, real memory size is 13516KB
2026-03-16 11:15:59 [Info] [4448] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 11:15:59 [Info] [4448] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 11:15:59 [Info] [4448] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 11:16:00 [Info] [4448] item: --windows-autorun-item-check
2026-03-16 11:16:00 [Info] [4448] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-16 11:16:00 [Info] [4448] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-autorun-item-check.py.md5
2026-03-16 11:16:00 [Info] [4448] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 11:16:00 [Info] [4448] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 11:16:00 [Info] [4448] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5, http code : 200, curl ret : 0
2026-03-16 11:16:00 [Info] [4448] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-autorun-item-check.py.md5
2026-03-16 11:16:00 [Info] [4448] Prepare stage1: --windows-autorun-item-check
2026-03-16 11:16:00 [Info] [4448] Prepare stage2
2026-03-16 11:16:03 [Info] [4448] log memory size is 30720KB, real memory size is 22544KB
2026-03-16 11:16:04 [Info] [4448] recvmsg: T_MSG_IPC_NETWORK_NOTIFY
2026-03-16 11:16:12 [Warn] [4448] high cpu, cpu is 13
2026-03-16 11:16:12 [Info] [4448] try get sys version
2026-03-16 11:16:12 [Info] [4448] win sys info:2/10:0:3
2026-03-16 11:16:12 [Info] [4448] suit legal version, enable cpu control
2026-03-16 11:16:12 [Warn] [4448] High CPU Warning: 13
2026-03-16 11:16:12 [Warn] [4448] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:windows-autorun-item-check.py line: 514 in func: check
File:windows-autorun-item-check.py line: 80 in func: main
File:windows-autorun-item-check.py line: 534 in func: start
2026-03-16 11:16:12 [Info] [4448] stage3: --windows-autorun-item-check
2026-03-16 11:16:12 [Info] [4448] Loader after check
2026-03-16 11:16:13 [Info] [4448] Enter reuse wait state.
2026-03-16 11:16:16 [Info] [4448] recvmsg: EXIT
2026-03-16 11:16:16 [Info] [4448] Recv Exit Msg, Exit...
2026-03-16 11:40:43 [Info] [4572] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 11:40:43 [Info] [4572] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap294541773632443 
2026-03-16 11:40:43 [Info] [4572] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 11:40:43 [Info] [4572] Resource monitor start
2026-03-16 11:40:43 [Info] [4572] ipc client init success
2026-03-16 11:40:43 [Info] [4572] Ipc init: 0
2026-03-16 11:40:43 [Info] [4572] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 11:40:43 [Info] [4572] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 11:40:43 [Info] [4572] start ipc thread id[4576]
2026-03-16 11:40:43 [Info] [4572] Connect Yundun ipc server return state is 0
2026-03-16 11:40:43 [Info] [4572] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 11:40:43 [Info] [4572] CResourceMonitor::run Enter
2026-03-16 11:40:43 [Info] [4572] CIpcMsgHandlerMgr::run Enter
2026-03-16 11:40:43 [Info] [4572] Report thread
2026-03-16 11:40:43 [Info] [4572] Monitor thread
2026-03-16 11:40:43 [Info] [4572] Loader thread
2026-03-16 11:40:43 [Info] [4572] PythonEngineImpl Init...
2026-03-16 11:40:43 [Info] [4572] yundun connected
2026-03-16 11:40:43 [Info] [4572] recvmsg: HELLO
2026-03-16 11:40:43 [Info] [4572] recvmsg: WORK
2026-03-16 11:40:43 [Info] [4572] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 11:40:43 [Info] [4572] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 11:40:43 [Info] [4572] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 11:40:44 [Info] [4572] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 11:40:44 [Info] [4572] log fd cnt is [250], real fd cnt is [282]
2026-03-16 11:40:44 [Info] [4572] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 11:40:44 [Info] [4572] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 11:40:45 [Info] [4572] log memory size is 20480KB, real memory size is 14804KB
2026-03-16 11:40:45 [Info] [4572] item: --tcp-connect-check
2026-03-16 11:40:45 [Info] [4572] cgroup name aegisRtap0
2026-03-16 11:40:45 [Info] [4572] try get sys version
2026-03-16 11:40:45 [Info] [4572] win sys info:2/10:0:3
2026-03-16 11:40:45 [Info] [4572] suit legal version, enable cpu control
2026-03-16 11:40:45 [Info] [4572] get AssignProcessToJobObject handle [00000478]
2026-03-16 11:40:45 [Info] [4572] Set setJobExtended.
2026-03-16 11:40:45 [Info] [4572] Set cpu [9%]
2026-03-16 11:40:45 [Info] [4572] Set cpu success
2026-03-16 11:40:45 [Info] [4572] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-16 11:40:45 [Info] [4572] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/tcp-connect-check.py.md5
2026-03-16 11:40:45 [Info] [4572] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 11:40:45 [Info] [4572] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 11:40:45 [Info] [4572] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5, http code : 200, curl ret : 0
2026-03-16 11:40:45 [Info] [4572] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/tcp-connect-check.py.md5
2026-03-16 11:40:45 [Info] [4572] Prepare stage1: --tcp-connect-check
2026-03-16 11:40:45 [Info] [4572] Prepare stage2
2026-03-16 11:40:48 [Info] [4572] stage3: --tcp-connect-check
2026-03-16 11:40:48 [Info] [4572] Loader after check
2026-03-16 11:40:49 [Info] [4572] Enter reuse wait state.
2026-03-16 11:40:54 [Info] [4572] recvmsg: EXIT
2026-03-16 11:40:54 [Info] [4572] Recv Exit Msg, Exit...
2026-03-16 16:29:53 [Info] [872] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 16:29:53 [Info] [872] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap204491773649754 
2026-03-16 16:29:53 [Info] [872] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 16:29:53 [Info] [872] Resource monitor start
2026-03-16 16:29:53 [Info] [872] ipc client init success
2026-03-16 16:29:53 [Info] [872] Ipc init: 0
2026-03-16 16:29:53 [Info] [872] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 16:29:53 [Info] [872] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 16:29:53 [Info] [872] CResourceMonitor::run Enter
2026-03-16 16:29:53 [Info] [872] CIpcMsgHandlerMgr::run Enter
2026-03-16 16:29:53 [Info] [872] start ipc thread id[5808]
2026-03-16 16:29:53 [Info] [872] Connect Yundun ipc server return state is 0
2026-03-16 16:29:53 [Info] [872] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 16:29:53 [Info] [872] yundun connected
2026-03-16 16:29:53 [Info] [872] Report thread
2026-03-16 16:29:53 [Info] [872] Monitor thread
2026-03-16 16:29:53 [Info] [872] Loader thread
2026-03-16 16:29:53 [Info] [872] PythonEngineImpl Init...
2026-03-16 16:29:53 [Info] [872] recvmsg: HELLO
2026-03-16 16:29:53 [Info] [872] recvmsg: WORK
2026-03-16 16:29:54 [Info] [872] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 16:29:54 [Info] [872] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 16:29:54 [Info] [872] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 16:29:54 [Info] [872] log fd cnt is [250], real fd cnt is [282]
2026-03-16 16:29:54 [Info] [872] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 16:29:54 [Info] [872] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 16:29:54 [Info] [872] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 16:29:55 [Info] [872] log memory size is 20480KB, real memory size is 14780KB
2026-03-16 16:29:55 [Info] [872] item: --windows-sysinfoext-check
2026-03-16 16:29:55 [Info] [872] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 16:29:55 [Info] [872] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 16:29:55 [Info] [872] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 16:29:56 [Info] [872] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 16:29:56 [Info] [872] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-16 16:29:56 [Info] [872] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 16:29:56 [Info] [872] Prepare stage1: --windows-sysinfoext-check
2026-03-16 16:29:56 [Info] [872] Prepare stage2
2026-03-16 16:29:59 [Info] [872] stage3: --windows-sysinfoext-check
2026-03-16 16:29:59 [Info] [872] Loader after check
2026-03-16 16:29:59 [Info] [872] log memory size is 30720KB, real memory size is 23096KB
2026-03-16 16:30:00 [Info] [872] Enter reuse wait state.
2026-03-16 16:30:04 [Info] [872] recvmsg: EXIT
2026-03-16 16:30:04 [Info] [872] Recv Exit Msg, Exit...
2026-03-16 20:41:29 [Info] [5140] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 20:41:29 [Info] [5140] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap43371773664889 
2026-03-16 20:41:29 [Info] [5140] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 20:41:29 [Info] [5140] Resource monitor start
2026-03-16 20:41:29 [Info] [5140] ipc client init success
2026-03-16 20:41:29 [Info] [5140] Ipc init: 0
2026-03-16 20:41:29 [Info] [5140] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 20:41:29 [Info] [5140] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 20:41:29 [Info] [5140] start ipc thread id[5268]
2026-03-16 20:41:29 [Info] [5140] Connect Yundun ipc server return state is 0
2026-03-16 20:41:29 [Info] [5140] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 20:41:29 [Info] [5140] CResourceMonitor::run Enter
2026-03-16 20:41:29 [Info] [5140] CIpcMsgHandlerMgr::run Enter
2026-03-16 20:41:29 [Info] [5140] Report thread
2026-03-16 20:41:29 [Info] [5140] Monitor thread
2026-03-16 20:41:29 [Info] [5140] Loader thread
2026-03-16 20:41:29 [Info] [5140] PythonEngineImpl Init...
2026-03-16 20:41:29 [Info] [5140] yundun connected
2026-03-16 20:41:30 [Info] [5140] recvmsg: HELLO
2026-03-16 20:41:30 [Info] [5140] log fd cnt is [250], real fd cnt is [263]
2026-03-16 20:41:30 [Info] [5140] recvmsg: WORK
2026-03-16 20:41:30 [Info] [5140] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 20:41:30 [Info] [5140] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 20:41:30 [Info] [5140] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 20:41:30 [Info] [5140] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 20:41:31 [Info] [5140] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 20:41:31 [Info] [5140] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 20:41:31 [Info] [5140] log memory size is 20480KB, real memory size is 14716KB
2026-03-16 20:41:32 [Info] [5140] item: --secnet_rasp_agent
2026-03-16 20:41:32 [Info] [5140] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-16 20:41:32 [Info] [5140] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent.py
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_lib.py
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_engine.py
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_finder.py
2026-03-16 20:41:32 [Info] [5140] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/secnet_rasp_agent_action.py
2026-03-16 20:41:32 [Info] [5140] Download redirect files success.
2026-03-16 20:41:32 [Info] [5140] Prepare stage1: --secnet_rasp_agent
2026-03-16 20:41:32 [Info] [5140] Prepare stage2
2026-03-16 20:41:33 [Info] [5140] start DownLoadBuffer update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-16 20:41:33 [Info] [5140] start do http get request for update.aegis.aliyun.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-16 20:41:33 [Info] [5140] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 20:41:33 [Info] [5140] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 20:41:34 [Info] [5140] http request success : https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update, http code : 200, curl ret : 0
2026-03-16 20:41:34 [Info] [5140] http download from redirect url success with https://aegis.alicdn.com/rasp/plugin/rtap/heartbeat?version=3.12&host_id=1df4a29c-9101-49c6-94e9-348f286d57d0&app_id=&action=update
2026-03-16 20:41:34 [Info] [5140] stage3: --secnet_rasp_agent
2026-03-16 20:41:34 [Info] [5140] Loader after check
2026-03-16 20:41:35 [Info] [5140] Enter reuse wait state.
2026-03-16 20:41:35 [Info] [5140] log memory size is 30720KB, real memory size is 21344KB
2026-03-16 20:41:37 [Info] [5140] recvmsg: EXIT
2026-03-16 20:41:37 [Info] [5140] Recv Exit Msg, Exit...
2026-03-16 21:58:27 [Info] [3496] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 21:58:27 [Info] [3496] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap193851773669497 
2026-03-16 21:58:27 [Info] [3496] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 21:58:37 [Info] [3496] Resource monitor start
2026-03-16 21:58:40 [Info] [3496] ipc client init success
2026-03-16 21:58:40 [Info] [3496] Ipc init: 0
2026-03-16 21:58:40 [Info] [3496] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 21:58:40 [Info] [3496] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 21:58:40 [Info] [3496] start ipc thread id[2844]
2026-03-16 21:58:40 [Info] [3496] Connect Yundun ipc server return state is 0
2026-03-16 21:58:40 [Info] [3496] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 21:58:40 [Info] [3496] CResourceMonitor::run Enter
2026-03-16 21:58:45 [Info] [3496] Loader thread
2026-03-16 21:58:45 [Info] [3496] PythonEngineImpl Init...
2026-03-16 21:58:45 [Info] [3496] Monitor thread
2026-03-16 21:58:45 [Info] [3496] Report thread
2026-03-16 21:58:45 [Info] [3496] yundun connected
2026-03-16 21:58:45 [Info] [3496] CIpcMsgHandlerMgr::run Enter
2026-03-16 21:58:45 [Info] [3496] recvmsg: HELLO
2026-03-16 21:58:45 [Info] [3496] recvmsg: WORK
2026-03-16 21:58:45 [Info] [3496] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 21:58:45 [Info] [3496] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 21:58:45 [Info] [3496] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 21:58:46 [Info] [3496] log fd cnt is [250], real fd cnt is [264]
2026-03-16 21:58:47 [Info] [3496] log memory size is 20480KB, real memory size is 13164KB
2026-03-16 21:58:56 [Warn] [3496] http request fail : https://update-vpc.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-16 21:58:53 [Info] [3864] ====================Start AliSecCheck : 10_10, Feb 19 2025 00:11:37====================
2026-03-16 21:58:53 [Info] [3864] cmdline:C:\Program Files (x86)\Alibaba\Aegis\AliSecCheckTmp\AliSecCheck.exe -t rtap -c Rtap194771773669525 
2026-03-16 21:58:53 [Info] [3864] Aegis root path is C:/Program Files (x86)/Alibaba/Aegis
2026-03-16 21:58:55 [Info] [3864] Resource monitor start
2026-03-16 21:58:55 [Info] [3864] ipc client init success
2026-03-16 21:58:55 [Info] [3864] Ipc init: 0
2026-03-16 21:58:55 [Info] [3864] timer 1 magic num is 0x7672655363704943, interval is 10000ms, class name is CIpcServiceImpl
2026-03-16 21:58:55 [Info] [3864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/rtap.dll
2026-03-16 21:58:55 [Info] [3864] start ipc thread id[1944]
2026-03-16 21:58:55 [Info] [3864] Connect Yundun ipc server return state is 0
2026-03-16 21:58:55 [Info] [3864] LoadModule : C:/Program Files (x86)/Alibaba/Aegis/AliSecCheckTmp/PythonEngine.dll
2026-03-16 21:58:55 [Info] [3864] CResourceMonitor::run Enter
2026-03-16 21:58:55 [Info] [3864] CIpcMsgHandlerMgr::run Enter
2026-03-16 21:58:55 [Info] [3864] yundun connected
2026-03-16 21:58:55 [Info] [3864] Report thread
2026-03-16 21:58:55 [Info] [3864] Monitor thread
2026-03-16 21:58:55 [Info] [3864] Loader thread
2026-03-16 21:58:55 [Info] [3864] PythonEngineImpl Init...
2026-03-16 21:58:56 [Info] [3864] recvmsg: HELLO
2026-03-16 21:58:56 [Info] [3864] recvmsg: WORK
2026-03-16 21:58:56 [Info] [3864] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 21:58:56 [Info] [3864] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/rtap_cfg.data.md5
2026-03-16 21:58:56 [Info] [3864] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 21:58:56 [Info] [3864] log fd cnt is [250], real fd cnt is [274]
2026-03-16 21:58:57 [Info] [3864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 21:58:57 [Info] [3864] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 21:58:57 [Info] [3864] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 21:58:57 [Info] [3864] log memory size is 20480KB, real memory size is 14724KB
2026-03-16 21:58:58 [Info] [3864] item: --windows-vul-check
2026-03-16 21:58:58 [Info] [3864] start post buffer update.aegis.aliyun.com/file_policy/rtap_files
2026-03-16 21:58:58 [Info] [3864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/rtap_files, http code : 200, curl ret : 0
2026-03-16 21:58:58 [Info] [3864] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/windows-vul-check.py
2026-03-16 21:58:58 [Info] [3864] Download redirect file, local file md5 check ok: rtap_file/official/release/win32/plugin/aegis_plugin_util.py
2026-03-16 21:58:58 [Info] [3864] Download redirect files success.
2026-03-16 21:58:58 [Info] [3864] Prepare stage1: --windows-vul-check
2026-03-16 21:58:58 [Info] [3864] Prepare stage2
2026-03-16 21:58:58 [Warn] [3864] high cpu, cpu is 13
2026-03-16 21:58:58 [Info] [3864] try get sys version
2026-03-16 21:58:58 [Info] [3864] win sys info:2/10:0:3
2026-03-16 21:58:58 [Info] [3864] suit legal version, enable cpu control
2026-03-16 21:58:58 [Warn] [3864] High CPU Warning: 13
2026-03-16 21:58:58 [Warn] [3864] resource monitor exp type: High CPU Warning, script runing: 1, has run: 1
script trace back: 
File:windows-vul-check.py line: 877 in func: QueryServiceStatus
File:windows-vul-check.py line: 898 in func: check_viostor_status
File:windows-vul-check.py line: 911 in func: check_vul_viostor
File:windows-vul-check.py line: 961 in func: start
2026-03-16 21:58:58 [Info] [3864] start DownLoadBuffer update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat
2026-03-16 21:58:58 [Info] [3864] start do http get request for update.aegis.aliyun.com/download/win32/sysvul/formal/2016.dat
2026-03-16 21:58:58 [Info] [3864] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 21:58:59 [Info] [3864] http request success : https://update-vpc.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 21:58:59 [Info] [3864] start DownLoadBuffer aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5
2026-03-16 21:58:59 [Info] [3864] start do http get request for aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5
2026-03-16 21:58:59 [Info] [3864] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat.md5, http code : 200, curl ret : 0
2026-03-16 21:58:59 [Info] [3864] http request success : https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat, http code : 200, curl ret : 0
2026-03-16 21:58:59 [Info] [3864] http download from redirect url success with https://aegis.alicdn.com/download/win32/sysvul/formal/2016.dat
2026-03-16 21:58:59 [Info] [3864] DownLoadFile ok C:\Program Files (x86)\Alibaba\Aegis\aegis_client\aegis_12_80\rule\vuldata_v2.dat
2026-03-16 21:59:00 [Info] [3864] stage3: --windows-vul-check
2026-03-16 21:59:00 [Info] [3864] Loader after check
2026-03-16 21:59:01 [Warn] [3864] high cpu, cpu is 44
2026-03-16 21:59:01 [Warn] [3864] High CPU Warning: 44
2026-03-16 21:59:01 [Info] [3864] Enter reuse wait state.
2026-03-16 21:59:02 [Info] [3864] log memory size is 30720KB, real memory size is 23456KB
2026-03-16 21:59:03 [Info] [3864] recvmsg: EXIT
2026-03-16 21:59:03 [Info] [3864] Recv Exit Msg, Exit...
2026-03-16 21:59:06 [Warn] [3496] http request fail : https://update-vpc-classic.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-16 21:59:18 [Warn] [3496] http request fail : https://update-vpc-x.aegis.aliyuncs.com/file_policy/file , http code : -1, curl ret : 28
2026-03-16 21:59:18 [Info] [3496] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 21:59:19 [Info] [3496] http request success : https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5, http code : 200, curl ret : 0
2026-03-16 21:59:19 [Info] [3496] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/1765194519_amsi_reg_remove_official/win32/rtap_cfg.data.md5
2026-03-16 21:59:20 [Info] [3496] item: --windows-sysinfoext-check
2026-03-16 21:59:20 [Info] [3496] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 21:59:20 [Info] [3496] start do http get request for update.aegis.aliyun.com/download/SecureCheck/Gray/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 21:59:20 [Info] [3496] start post buffer update.aegis.aliyun.com/file_policy/file
2026-03-16 21:59:20 [Info] [3496] http request success : https://update-vpc-internet.aegis.aliyuncs.com/file_policy/file, http code : 200, curl ret : 0
2026-03-16 21:59:20 [Info] [3496] http request success : https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5, http code : 200, curl ret : 0
2026-03-16 21:59:20 [Info] [3496] http download from redirect url success with https://aegis.alicdn.com/rtap_file/official/release/win32/plugin/windows-sysinfoext-check.py.md5
2026-03-16 21:59:20 [Info] [3496] Prepare stage1: --windows-sysinfoext-check
2026-03-16 21:59:20 [Info] [3496] Prepare stage2
2026-03-16 21:59:22 [Info] [3496] stage3: --windows-sysinfoext-check
2026-03-16 21:59:22 [Info] [3496] Loader after check
2026-03-16 21:59:22 [Warn] [3496] high cpu, cpu is 14
2026-03-16 21:59:22 [Info] [3496] try get sys version
2026-03-16 21:59:22 [Info] [3496] win sys info:2/10:0:3
2026-03-16 21:59:22 [Info] [3496] suit legal version, enable cpu control
2026-03-16 21:59:22 [Warn] [3496] High CPU Warning: 14
2026-03-16 21:59:22 [Warn] [3496] resource monitor exp type: High CPU Warning, script runing: 0
2026-03-16 21:59:23 [Info] [3496] Enter reuse wait state.
2026-03-16 21:59:23 [Info] [3496] log memory size is 30720KB, real memory size is 23240KB
2026-03-16 21:59:25 [Info] [3496] recvmsg: EXIT
2026-03-16 21:59:25 [Info] [3496] Recv Exit Msg, Exit...