0-25 21:45:20 [Info] webshell timescan user conf:1 2022-10-25 21:45:20 [Info] webshell fastscan user conf:1 2022-10-25 21:45:20 [Info] proc_info user conf:1 2022-10-25 21:45:20 [Info] tcp_netstat user conf:1 2022-10-25 21:45:20 [Info] bin_repo user conf:1 2022-10-25 21:45:20 [Info] bin_repo_auto_deleted user conf:1 2022-10-25 21:45:20 [Info] kprobe_trace user conf:0 2022-10-25 21:45:20 [Info] kprobe_trace_file user conf:0 2022-10-25 21:45:20 [Info] proc_file_enable user conf:1 2022-10-25 21:45:20 [Info] proc_file_create_new_only user conf:1 2022-10-25 21:45:20 [Info] proc_file_filter user conf:1 2022-10-25 21:45:20 [Info] set send queue limit value [4096] 2022-10-25 21:45:20 [Info] tcp_snapshot user conf:1 2022-10-25 21:45:20 [Info] tcp_trace_clear user conf:0 2022-10-25 21:45:20 [Info] tcp_trace user conf:0 2022-10-25 21:45:20 [Info] bash_shell user conf:0 2022-10-25 21:45:20 [Info] script_repo user conf:1 2022-10-25 21:45:20 [Info] script_no_suffix user conf:0 2022-10-25 21:45:20 [Info] data_send_loop_time user conf:100 2022-10-25 21:45:20 [Info] data_list_limit user conf:10000 2022-10-25 21:45:20 [Info] file_push_timeout user conf:60 2022-10-25 21:45:20 [Info] bin_file_size_limit user conf:20971520 2022-10-25 21:45:20 [Info] monitor_all user conf:0 2022-10-25 21:45:20 [Info] proc_chain user conf:1 2022-10-25 21:45:20 [Info] proc_filter user conf:2 2022-10-25 21:45:20 [Info] proc_filter_statistic user conf:1 2022-10-25 21:45:20 [Info] proc_filter_method user conf:1 2022-10-25 21:45:20 [Info] event_log user conf:1 2022-10-25 21:45:20 [Info] proc_reg user conf:1 2022-10-25 21:45:20 [Info] proc_limit user conf:1 2022-10-25 21:45:20 [Info] proc_parent_check user conf:0 2022-10-25 21:45:20 [Info] proc_force_chain_check user conf:0 2022-10-25 21:45:20 [Info] queue_size_ratio user conf:80 2022-10-25 21:45:20 [Info] set send queue ratio value [80] 2022-10-25 21:45:20 [Info] kprobe_trace_accept user conf:0 2022-10-25 21:45:20 [Info] thread_inject user conf:1 2022-10-25 21:45:20 [Info] proc_access user conf:1 2022-10-25 21:45:20 [Info] kprobe_trace_unixsocket user conf:1 2022-10-25 21:45:20 [Info] enable trace ok: 2022-10-25 21:45:20 [Info] Api Call Event Reg Ok. 2022-10-25 21:45:20 [Info] thread api_call using 0ms 2022-10-25 21:45:20 [Info] GetMessage : T_MSG_CHECK 2022-10-25 21:45:20 [Info] task 4c24b2c5-1fe2-43bd-9176-e1bcb259b851 has 1 items, priority is 1, aggregate is 0 2022-10-25 21:45:21 [Info] start DownLoadBuffer update.aegis.aliyun.com/download/SecureCheck/GrayList 2022-10-25 21:45:21 [Info] HttpGetToBuffer Success : aegis.alicdn.com/download/SecureCheck/GrayList,code:200, ret:0 2022-10-25 21:45:21 [Info] HttpGetToBuffer Success : aegis.alicdn.com/download/SecureCheck/GrayList.md5,code:200, ret:0 2022-10-25 21:45:21 [Info] DownLoadBuffer ok update.aegis.aliyun.com/download/SecureCheck/GrayList 2022-10-25 21:45:21 [Info] start to check remote md5 2022-10-25 21:45:21 [Info] start DownLoadFile update.aegis.aliyun.com/download/SecureCheck/Gray/win32/AliSecureCheckAdvanced.zip.md5 2022-10-25 21:45:21 [Info] HttpGetToBuffer Success : aegis.alicdn.com/download/SecureCheck/Gray/win32/AliSecureCheckAdvanced.zip.md5,code:200, ret:0 2022-10-25 21:45:21 [Info] DownLoadFile ok C:/Program Files (x86)/Alibaba/Aegis/PythonLoader/AliSecureCheckAdvanced.zip.md5.tmp 2022-10-25 21:45:21 [Info] run rtap work --windows-sysinfoext-check 2022-10-25 21:45:21 [Info] ipc client:Rtap269271666705521_handler Reg client_name:Rtap269271666705521 on WhiteList 2022-10-25 21:45:21 [Info] New ClientConnectNotify : Rtap269271666705521 2022-10-25 21:45:21 [Info] ipc client:Rtap269271666705521 Reg msg_type:T_MSG_IPC_NETWORK_NOTIFY on WhiteList 2022-10-25 21:45:21 [Info] ipc client:Rtap269271666705521 Reg client_name:protocol_ipc_client on WhiteList 2022-10-25 21:45:22 [Info] Rtap Platform Rtap269271666705521 execv work --windows-sysinfoext-check on pid 308 2022-10-25 21:45:28 [Info] GetMessage : T_MSG_CHECK 2022-10-25 21:45:28 [Info] task 396bd40e90f60a038a605a52977ab424 has 1 items, priority is 1, 9D99_Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampcreaterequest.php5d84076d896b766751c2b4da146e59c7\ cgwebfileB^%Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountwhitelistupdaterequest.phpc9477288554439835ed370c562348c00\ cfwebfileA]#Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountwhitelistqueryrequest.php0c90d91d699d1100a36838cb9e6ca767\ cfwebfile?\Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountstatusupdaterequest.phpcabfe889bd1866d31894b1ff65d3eb04\ cfwebfile8[Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountqueryrequest.phpc9a9f0c0e45b4024ed30aed83f15b717\ cfwebfile 9Ts%c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountwhitelistupdaterequest.phpށ c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampcreaterequest.php߁c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampqueryrequest.phpc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampstatusupdaterequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampupdaterequest.php%c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampwhitelistcreaterequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaignprizeamountqueryrequest.php5[|c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcardactivateformqueryrequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcardformtemplatesetrequest.php!c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcashlessvouchertemplatecreaterequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcdpadvertisereportqueryrequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingtoolfengdiesitesbatchqueryrequest.phpc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingtoolfengdiespacequeryrequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingvoucherqueryrequest.phpAAGonc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/koubeimarketingcampaignactivityqueryr_  c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingvouchertemplatelistqueryrequest.php ukc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipayebppbillgetrequest.php] c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipayecomycarparkingenterinfosyncrequest.phpՁ#c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndiscountwhitelistqueryrequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingvouchertemplatelistqueryrequest.php c:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipayofflinemarketapplyorderbatchqueryrequest.php] ?D?;dMc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaignprizeamountqueryrequest.phpb062ef730dbb19b9f5bce327718bbb66\ cgwebfileBc%Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampwhitelistcreaterequest.phpfb44604d3f994e9f13b002f1ead3a4b2\ cgwebfile9bMc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampupdaterequest.phpec724b4a566102397d77d34a502543bc\ cgwebfile?aMc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampstatusupdaterequest.php7bcec0c9243230914b881fd6380d7a5a\ cgwebfile8`Mc:/hwshostmaster/wwwroot/wxshopo_bae26t/web/vendor/wi1dcard/alipay-sdk/aop/request/alipaymarketingcampaigndrawcampqueryrequest.php16ca3fb51a905d5ae0d22e6b95e790c0\ cgwebfile J&0:DNXblv  *4>HR\fpz$.8BLV`jt~ cn cn cn! cn" cn# cn$ cp% cp& cp' cp( cn cn cn! cn" cn# cn$ cp% cp& cp' cp( cp) cp* cp+ cp, cp- cp. cp/ cq0 cq1 cq2 cq3 cq4 cq5 cq6 cq7 cr8 cr9 cr: cr; cr< cr= cr> cr? cr@ csA csB csC csD csE csF csG csH csI c