Likely you are using an unpatched “asterisk recordings interface”. This was one of the reasons we do module signing now. Note you likely have a system call in some random file that calls every time you load up a page. The safest move is to reinstall. If you install FreePBX 12+ it has module signing that will raise a flag if any files are tampered with.