Ir ao conteúdo
  • Cadastre-se
ThiagopradoX99

Estou sendo invadido?

Recommended Posts

Boa noite pessoal! Este é meu primeiro post! Estou com uma duvida se estou sendo invadido, encontrei uma pasta na unidade C chamada de $GetCurrent, dentro dela havia outra pasta chamada LOG, e dentro dois blocos de notas com o nome de downlevel_2016_11_08_19_49_53_211 e a outra com o nome de rollback_2016_11_09_01_52_41_417 com as seguintes informações: 

 

2016-11-08 19:49:53.211, Info      [Environment::Initialize] Start...
2016-11-08 19:49:53.267, Info      [Environment::Initialize] wstrStartDeployTime = 2016-11-08 19:49:53:146
2016-11-08 19:49:53.267, Info      [Environment::Initialize] wstrSystemDrive = C:
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrTargetNewOSDrive = C:
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrLogPath = C:\$GetCurrent\Logs
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrLogFileFullPath = C:\$GetCurrent\Logs\downlevel_2016_11_08_19_49_53_211.log
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrTempPath = \$GetCurrent
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrTempFolder = C:\$GetCurrent
2016-11-08 19:49:53.268, Info      [Environment::Initialize] wstrReportPath = C:\$GetCurrent\downlevel_2016_11_08_19_49_53_211.rpt
2016-11-08 19:49:53.298, Info      [Environment::Initialize] wstrExecutablePath = C:\Windows10Upgrade
2016-11-08 19:49:53.298, Info      [Environment::Initialize] Exe name = Windows10UpgraderApp.exe
2016-11-08 19:49:53.298, Info      [Environment::Initialize] wstrSystemTempFolder = C:\Users\thiago\AppData\Local\Temp
2016-11-08 19:49:53.298, Info      [Environment::Initialize] wstrTempMedia = C:\$GetCurrent\media
2016-11-08 19:49:53.298, Info      [Environment::Initialize] wstrSafeOSFolder = C:\$GetCurrent\SafeOS
2016-11-08 19:49:53.298, Info      [Environment::Initialize] wstrcV = SJfxUHJm60+g7TqH.999
2016-11-08 19:49:53.299, Warning   [WMIHelper::GetHardwareId]  CoInitializeSecurity failed, Error = 0x80010119
2016-11-08 19:49:53.542, Info      [WMIHelper::GetRegMachineId]  Open an existing reg key HKLM\SOFTWARE\Microsoft\SQMClient.
2016-11-08 19:49:53.542, Info      [Environment::Initialize]  Machine Id is: {26C45015-9FCE-4101-B23E-188C52BB4D29}
2016-11-08 19:49:53.542, Info      [Environment::Initialize]  Device Id is: f5fb683477a7199e6f8cb35b442c2652c2cbc5ed
2016-11-08 19:49:53.542, Info      [Environment::Initialize] Windows Version: 6.1 (7601),Service Pack 1,producttype=1
2016-11-08 19:49:53.542, Info      [Environment::Initialize] wstrPostOobeScriptFilename = C:\$GetCurrent\SafeOS\SetupComplete.cmd
2016-11-08 19:49:53.542, Info      [Environment::Initialize] wstrRollbackScriptFilename = C:\$GetCurrent\SafeOS\Rollback.cmd
2016-11-08 19:49:53.542, Info      [Environment::Initialize] wstrRollbackInformationFilename = C:\$GetCurrent\SafeOS\GetCurrentRollback.ini
2016-11-08 19:49:53.542, Info      [Environment::Initialize] wstrWINRESetupPhaseFilename = C:\$GetCurrent\SafeOS\GetCurrentWinRESetup.ini
2016-11-08 19:49:53.542, Info      [Environment::Initialize] bLADTest = 0
2016-11-08 19:49:53.542, Info      [Environment::Initialize]  Init Telemetry system based on WER APIs
2016-11-08 19:49:53.542, Info      [Environment::Initialize] Finished
2016-11-08 19:49:53.542, Warning   [GetCurrent_Initialize] This version doesn't verify signature information
2016-11-08 19:49:53.581, Info      [GetCurrent_Initialize]  Get licensed status succeeded! hr = 0x0 
2016-11-08 19:49:53.581, Info      [GetCurrent_Initialize]  Check licensed status succeeded! hr = 0x0 
2016-11-08 19:49:53.602, Info      [FileSystemCheck::Run] Get volume information C:\
2016-11-08 19:49:53.602, Info      [FileSystemCheck::Run] Volume Information: VolumeName=OS SN=0x36d23e11, MaxComponentLength=255, FileSystemFlags=0x3e700ff, FileSystemName=NTFS
2016-11-08 19:49:53.602, Info      [RAMCheck::Run] Get physical RAM=4000 MB
2016-11-08 19:49:53.602, Info      [EditionIDCheck::Run] bIsServer = 0
2016-11-08 19:49:53.602, Info      [EditionIDCheck::Run] EditionID = HomeBasic
2016-11-08 19:49:53.602, Info      [MinimalRequirementCheck] hr = 0x0, ResultBits = 0x0
2016-11-08 19:49:53.602, Info      [GetCurrent_Initialize]  MinimalRequirement Check succeeded! hr = 0x0 
2016-11-08 19:49:53.602, Info      [GetCurrent_Initialize] Load appraiserxp.dll
2016-11-08 19:49:53.673, Info      [GetCurrent_Initialize]  Load appraiserxp.dll succeeded! hr = 0x0 
2016-11-08 19:49:53.673, Info      [GetCurrent_Initialize] Get IsReady function
2016-11-08 19:49:53.674, Info      [GetCurrent_Initialize]  Get IsReady function succeeded! hr = 0x0 
2016-11-08 19:49:53.674, Info      [GetCurrent_Initialize] pfnIsReady: 0x591c5910
2016-11-08 19:49:53.674, Info      [GetCurrent_Initialize] isPushing: 0
2016-11-08 19:49:53.674, Info      [GetCurrent_Initialize]  Call Compact check IsReady succeeded! hr = 0x0 
2016-11-08 19:49:53.674, Info      [GetCurrent_Initialize]  Compact Check succeeded! isReady = 1 
2016-11-08 19:49:53.700, Info      [GetCurrent_SetPartnerPostOOBEScript]  Create GetCurrent SafeOS Folder succeeded! hr = 0x0 
2016-11-08 19:49:53.702, Info      [GetCurrent_SetPartnerPostOOBEScript]  Copy partner post oobe script succeeded! dwReturn = 0x1 GetLastError = 0x0 
2016-11-08 19:49:53.702, Info      [GetCurrent_SetPartnerID] Partner ID is {E52ABFC2-76BB-4908-883F-CA581FDD83F9}
2016-11-08 19:49:53.702, Info      [GetCurrent_SetPartnerID] Partner Name is VNL
2016-11-08 19:49:53.703, Warning   [SystemRequirementCheck::IsUpgradeOptionSupported] Upgrade option type (0x800) is not allowed. But we'll continue. We'll fix this late.
2016-11-08 19:49:53.703, Info      [GetCurrent_SetUpgradeOptionType] Upgrade option: 0x800
2016-11-08 19:49:53.703, Info      [GetCurrent_SyncDataEx] Start sync with external...
2016-11-08 19:49:53.703, Info      [GetCurrent_SyncDataEx] Get wstrExternalId = {508C8AE7-C2CA-4E50-9E3A-B0FD10CEFA27} from external.
2016-11-08 19:49:53.703, Info      [GetCurrent_SyncDataEx] Get wstrExternalIdDescription = URL:24074:<1.4.9200.17364>:<1> from external.
2016-11-08 19:49:53.703, Info      [GetCurrent_SyncDataEx] Set Assistant Show Up time = 2016-11-08 07:27:11:101.
2016-11-08 19:49:53.704, Info      [GetCurrent_SyncDataEx] Set Download Image Duration = 44549 seconds.
2016-11-08 19:49:53.704, Info      [GetCurrent_SyncDataEx] Set Restart times during download = 3.
2016-11-08 19:49:53.704, Info      [GetCurrent_SyncDataEx] Set wstrDeviceId = f5fb683477a7199e6f8cb35b442c2652c2cbc5ed to external.
2016-11-08 19:49:53.704, Info      [GetCurrent_SyncDataEx] Set wstrcV = SJfxUHJm60+g7TqH.999 to external.
2016-11-08 19:49:53.704, Info      [GetCurrent_SyncDataEx] End sync with external...
2016-11-08 19:49:53.704, Info      [GetCurrent_StartDeploy] Check GetCurrent mutex: dwError = 0x2f4fb4b1 
2016-11-08 19:49:53.704, Info      [GetCurrent_StartDeploy] Check Setup360 mutex: dwError = 0x2f4fb4b1 
2016-11-08 19:49:53.704, Info      [GetCurrent_StartDeploy] No other GetCurrentDeploy instance, start deploy ... 
2016-11-08 19:49:53.704, Info      [DoXPDeployment]  wstrSetupSourceFolderOrFile = C:\Windows10Upgrade\14393.0.160715-1616.rs1_release_CLIENTCombinedSL_RET_x64fre_pt-br.esd
2016-11-08 19:49:53.704, Info      [DoXPDeployment]  Create action chain ...
2016-11-08 19:49:53.704, Info      [DoXPDeployment] Windows Version: 6.1 (7601),Service Pack 1,1, 768
2016-11-08 19:49:53.704, Info      [DoXPDeployment] Win 7 and plus, use win 10 setup directly
2016-11-08 19:49:53.705, Info      [DoXPDeployment]  Execute action chain
2016-11-08 19:49:53.728, Info      [XPSetupActionQueue::Execute]  Execute action chains of class XPSAQ<class EntryQueueDelegatorForWin7Later> ...
2016-11-08 19:49:53.729, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class EnableWUNoAutoRebootDelegator> ...
2016-11-08 19:49:53.729, Info      [EnableWUNoAutoRebootDelegator::ExecuteAction]  Can't read WU Auto Reboot Policy, error = 0x2
2016-11-08 19:49:53.734, Info      [EnableWUNoAutoRebootDelegator::ExecuteAction]  Disable WU Auto Reboot in policies succeeded! hr = 0x0 
2016-11-08 19:49:53.734, Info      [WinUtil::RunCommand]  Command Line: gpupdate /force
2016-11-08 19:49:54.266, Info      [WinUtil::RunCommand]  Waiting for process 0x8a4
2016-11-08 19:50:09.180, Info      [WinUtil::RunCommand]  process exited as expected.
2016-11-08 19:50:09.180, Info      [WinUtil::RunCommand]  Process returned: 0x0
2016-11-08 19:50:09.181, Info      [EnableWUNoAutoRebootDelegator::ExecuteAction]  Update the Goup Policy forcely succeeded! hr = 0x0 
2016-11-08 19:50:09.181, Info      [XPSetupAction::Execute]  The action is marked to ingore execution error. hr = 0x0
2016-11-08 19:50:09.181, Info      [XPSetupActionQueue::Execute]  Execute action chains of class XPSAQ<class StartWUDelegator> ...
2016-11-08 19:50:09.181, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class StartWUServiceDelegator> ...
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  Open SC Manager succeeded! m_hSCManager = 0x77d4138 GetLastError = 0x0 
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  SC Manager Handle: 0x77d4138
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  Open Service succeeded! m_hWUService = 0x77d44f8 GetLastError = 0x0 
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  Service Handle: 0x77d44f8
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  QUERY_SERVICE_CONFIG size: 256
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  Query service config succeeded! fSuccess = 0x1 GetLastError = 0x0 
2016-11-08 19:50:09.181, Info      [StartWUServiceDelegator::TryStartService]  Start type: 0x2
2016-11-08 19:50:09.182, Info      [StartWUServiceDelegator::TryStartService]  Query service status succeeded! fSuccess = 0x1 GetLastError = 0x0 
2016-11-08 19:50:09.182, Info      [StartWUServiceDelegator::TryStartService]  Current status: 0x4
2016-11-08 19:50:09.182, Info      [XPSetupAction::Execute]  The action is marked to ingore execution error. hr = 0x0
2016-11-08 19:50:09.182, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class ConfigWUPolicyDelegator> ...
2016-11-08 19:50:09.182, Info      [XPSetupAction::Execute]  The action is marked to ingore execution error. hr = 0x0
2016-11-08 19:50:09.182, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class DecryptEsdFileDelegator> ...
2016-11-08 19:50:09.226, Info      [DecryptEsdFileDelegator::ExecuteAction]  Create temporary folder: C:\$GetCurrent\media
2016-11-08 19:50:09.226, Info      [DecryptEsdFileDelegator::ExecuteAction]  Create temporary folder succeeded! hr = 0x0 
2016-11-08 19:50:09.226, Info      [DecryptEsdFileDelegator::ExecuteAction]  Start Decrypt Esd file...
2016-11-08 19:50:09.226, Info      [DecryptEsdFileDelegator::ExecuteAction]  Start decrypt at : 2016-11-08 19:50:09:226
2016-11-08 19:50:09.226, Info      [DecryptEsdFileDelegator::ExecuteAction]  Invoke function : DecryptESDFile()...
2016-11-08 19:50:09.404, Warning   [EsdDecryptCallbackFunc]  Progress Flag File is not set, set is as default [progress.ini]
2016-11-08 19:56:11.850, Info      [DecryptEsdFileDelegator::ExecuteAction]  Decrypt from local key file.
2016-11-08 19:56:11.850, Info      [DecryptEsdFileDelegator::ExecuteAction]  Local key ID is {15D93284-3462-4B29-9CC9-8EF6B0825C42}.
2016-11-08 19:56:11.850, Info      [DecryptEsdFileDelegator::ExecuteAction]  Client IP Address is : 0.0.0.0
2016-11-08 19:56:11.850, Info      [DecryptEsdFileDelegator::ExecuteAction]  Http duration time is : 0ms
2016-11-08 19:56:13.652, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class DeleteSourceSetupDelegator> ...
2016-11-08 19:56:13.652, Info      [DeleteSourceSetupDelegator::ExecuteAction]  Target architecture : amd64
2016-11-08 19:56:13.740, Info      [DeleteSourceSetupDelegator::ExecuteAction] bIsDataOnlyMigration : 0 bTargetArchIsAmd64 : 1 bCurrentArchIsAmd64 : 1
2016-11-08 19:56:13.740, Info      [DeleteSourceSetupDelegator::ExecuteAction]  Delete legacy setup binary to force setup360 run : C:\$GetCurrent\media\sources\setup.exe
2016-11-08 19:56:13.741, Info      [DeleteSourceSetupDelegator::ExecuteAction]  Delete legacy setup binary succeeded! hr = 0x0 
2016-11-08 19:56:13.742, Info      [XPSetupActionQueue::Execute]  Execute action chains of class XPSAQ<class RollbackPrepDelegator> ...
2016-11-08 19:56:13.742, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class SaveRollbackInformationDelegator> ...
2016-11-08 19:56:13.746, Info      [SaveRollbackInformationDelegator::ExecuteAction]  Ensure SafeOS folder: C:\$GetCurrent\SafeOS
2016-11-08 19:56:13.747, Info      [SaveRollbackInformationDelegator::ExecuteAction]  Create SafeOS folder succeeded! hr = 0x0 
2016-11-08 19:56:13.749, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class DeployGetCurrentOOBEDelegator> ...
2016-11-08 19:56:13.750, Info      [CopyFileDelegator::ExecuteAction]  Copy file: C:\Windows10Upgrade\GetCurrentOOBE.dll -> C:\$GetCurrent\SafeOS\GetCurrentOOBE.dll 
2016-11-08 19:56:13.872, Info      [CopyFileDelegator::ExecuteAction]  CopyFileDelegator::ExecuteAction succeeded! fSuccess = 0x1 GetLastError = 0x0 
2016-11-08 19:56:13.873, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class CreatePreOobeScriptDelegator> ...
2016-11-08 19:56:13.873, Info      [CreatePreOobeScriptDelegator::ExecuteAction]  Output filename: C:\$GetCurrent\SafeOS\preoobe.cmd
2016-11-08 19:56:13.893, Info      [CreatePreOobeScriptDelegator::ExecuteAction]  Open preoobe.cmd succeeded! fout = 0x1 
2016-11-08 19:56:13.894, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class CreatePostOobeScriptDelegator> ...
2016-11-08 19:56:13.894, Info      [CreatePostOobeScriptDelegator::ExecuteAction]  Output filename: C:\$GetCurrent\SafeOS\SetupComplete.cmd
2016-11-08 19:56:13.894, Info      [CreatePostOobeScriptDelegator::ExecuteAction]  Open SetupComplete.cmd succeeded! fout = 0x1 
2016-11-08 19:56:13.895, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class ConfigRollbackRunDelegator> ...
2016-11-08 19:56:13.896, Info      [ConfigRollbackRunDelegator::ExecuteAction]  Open an existing reg key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce.
2016-11-08 19:56:13.896, Info      [ConfigRollbackRunDelegator::ExecuteAction]  Update Registry Value, Path=SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, !GetCurrentRollback="C:\Windows10Upgrade\GetCurrentRollback.exe" "progress.ini" "C:" "URL:24074:<1.4.9200.17364>:<1>"
2016-11-08 19:56:13.899, Info      [ConfigRollbackRunDelegator::ExecuteAction]  Update Registry Value succeeded! hr = 0x0 
2016-11-08 19:56:13.899, Info      [XPSetupAction::Execute]  The action is marked to ingore execution error. hr = 0x0
2016-11-08 19:56:13.899, Info      [XPSetupAction::Execute]  Execute action of class XPSA<class RunSetupForWin7LaterDelegator> ...
2016-11-08 19:56:13.899, Info      [RunSetupForWin7LaterDelegator::ExecuteAction]  Command Line: C:\$GetCurrent\media\setup.exe /auto upgrade /showoobe full /quiet /Compat IgnoreWarning /Pkey Defer /noreboot /postoobe C:\$GetCurrent\SafeOS\SetupComplete.cmd /CorrelationVector SJfxUHJm60+g7TqH.999 /ClientId Win10China:VNL:URL:24074:<1.4.9200.17364>:<1>:{508C8AE7-C2CA-4E50-9E3A-B0FD10CEFA27}:[6.1.7601]:[2] /telemetry enable
2016-11-08 19:56:13.900, Info      [WinUtil::RunCommand]  Command Line: C:\$GetCurrent\media\setup.exe /auto upgrade /showoobe full /quiet /Compat IgnoreWarning /Pkey Defer /noreboot /postoobe C:\$GetCurrent\SafeOS\SetupComplete.cmd /CorrelationVector SJfxUHJm60+g7TqH.999 /ClientId Win10China:VNL:URL:24074:<1.4.9200.17364>:<1>:{508C8AE7-C2CA-4E50-9E3A-B0FD10CEFA27}:[6.1.7601]:[2] /telemetry enable
2016-11-08 19:56:14.728, Info      [WinUtil::RunCommand]  Waiting for process 0x948

 

 

 

a outra pasta 

 

2016-11-09 01:52:41.620, Info      [Environment::Initialize] Start...
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrStartDeployTime = 2016-11-09 01:52:41:293
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrSystemDrive = C:
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrTargetNewOSDrive = C:
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrLogPath = C:\$GetCurrent\Logs
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrLogFileFullPath = C:\$GetCurrent\Logs\rollback_2016_11_09_01_52_41_417.log
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrTempPath = \$GetCurrent
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrTempFolder = C:\$GetCurrent
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrReportPath = C:\$GetCurrent\rollback_2016_11_09_01_52_41_417.rpt
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrExecutablePath = C:\Windows10Upgrade
2016-11-09 01:52:41.667, Info      [Environment::Initialize] Exe name = GetCurrentRollback.EXE
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrSystemTempFolder = C:\Users\thiago\AppData\Local\Temp
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrTempMedia = C:\$GetCurrent\media
2016-11-09 01:52:41.667, Info      [Environment::Initialize] wstrSafeOSFolder = C:\$GetCurrent\SafeOS
2016-11-09 01:52:41.776, Info      [Environment::Initialize] wstrcV = YHGtyhC1X0yLYphH.999
2016-11-09 01:52:41.823, Info      [WMIHelper::GetRegMachineId]  Open an existing reg key HKLM\SOFTWARE\Microsoft\SQMClient.
2016-11-09 01:52:41.823, Info      [Environment::Initialize]  Machine Id is: {26C45015-9FCE-4101-B23E-188C52BB4D29}
2016-11-09 01:52:41.823, Info      [Environment::Initialize]  Device Id is: f5fb683477a7199e6f8cb35b442c2652c2cbc5ed
2016-11-09 01:52:41.823, Info      [Environment::Initialize] Windows Version: 6.1 (7601),Service Pack 1,producttype=1
2016-11-09 01:52:41.823, Info      [Environment::Initialize] wstrPostOobeScriptFilename = C:\$GetCurrent\SafeOS\SetupComplete.cmd
2016-11-09 01:52:41.823, Info      [Environment::Initialize] wstrRollbackScriptFilename = C:\$GetCurrent\SafeOS\Rollback.cmd
2016-11-09 01:52:41.823, Info      [Environment::Initialize] wstrRollbackInformationFilename = C:\$GetCurrent\SafeOS\GetCurrentRollback.ini
2016-11-09 01:52:41.823, Info      [Environment::Initialize] wstrWINRESetupPhaseFilename = C:\$GetCurrent\SafeOS\GetCurrentWinRESetup.ini
2016-11-09 01:52:41.823, Info      [Environment::Initialize] bLADTest = 0
2016-11-09 01:52:41.823, Info      [Environment::Initialize]  Init Telemetry system based on WER APIs
2016-11-09 01:52:41.823, Info      [Environment::Initialize] Finished
2016-11-09 01:52:41.823, Info      [GetCurrentInternal_ReportRollbackEvent]  wszReasonFile: progress.ini
2016-11-09 01:52:41.823, Info      [GetCurrentInternal_ReportRollbackEvent]  wszTargetDrive: C:
2016-11-09 01:52:41.823, Info      [GetCurrentInternal_ReportRollbackEvent]  wszExternalId: URL:24074:<1.4.9200.17364>:<1>
2016-11-09 01:52:42.026, Info      [RestoreRollbackRegSetting] Restore [OriginalWUNoAuUpdate=] to Reg: Path = SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU, KeyName=NoAutoUpdate.
2016-11-09 01:52:42.041, Info      [RestoreRollbackRegSetting] Restore successfully
2016-11-09 01:52:47.299, Info      [GetCurrentInternal_ReportRollbackEvent] wszRollbackReason = Setup, treated as upgrade failed.
2016-11-09 01:52:47.361, Warning   [GetRollbackConfig]  Get Config [(null)] from rollback configuration failed, error is 0.
2016-11-09 01:52:47.361, Info      [CallPartnerRollbackCmd]  Partner rollback command line: 
2016-11-09 01:52:47.361, Warning   [CallPartnerRollbackCmd]  CreateProcess failed, Error = 6
2016-11-09 01:52:47.486, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Panther\UnattendGC\*.* failed, error = 3.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_57_44_3_00000021.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_57_45_3_00000021.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_58_46_3_00000140.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_58_47_3_00000140.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\compatscancache.dat, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\GenuineTicket.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\setupact.log, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\setuperr.log, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_EverythingSys.bin, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_HumanReadable.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutput.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutputHw.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\windlp.state-old.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\windlp.state.xml, prepare to add to .cab.
2016-11-09 01:52:47.501, Info      [AddRollbackLogFiles] Find file C:\$Windows.~BT\Sources\Panther\_s_1FF4.tmp, prepare to add to .cab.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\SetupPlatform.ini failed, error = 2.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Panther\setupapi\*.* failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\setupapi\*.* failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\diagerr.xml failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\SetupAct.log failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\setuperr.log failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\setupmem.dmp failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\rollbackinfo.ini failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\scmlogs\scm.evm* failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\evtlogs\*.* failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\$Windows.~BT\Sources\Rollback\Minidump\*.* failed, error = 3.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\windows\Logs\CBS\CheckSUR.persist.log failed, error = 2.
2016-11-09 01:52:47.564, Warning   [AddRollbackLogFiles] Find file in C:\windows\Logs\CBS\CheckSUR.log failed, error = 2.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\inf\setupapi.app.log, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\inf\setupapi.dev.log, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\inf\setupapi.offline.log, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\Logs\DISM\dism.log, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CBS.log, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CbsPersist_20160227153909.cab, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CbsPersist_20160415232944.cab, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CbsPersist_20160605150857.cab, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CbsPersist_20160724015957.cab, prepare to add to .cab.
2016-11-09 01:52:47.564, Info      [AddRollbackLogFiles] Find file C:\windows\logs\cbs\CbsPersist_20161001202854.cab, prepare to add to .cab.
2016-11-09 01:52:47.579, Info      [AddRollbackLogFiles] Find file C:\windows\Minidump\050716-30638-01.dmp, prepare to add to .cab.
2016-11-09 01:52:47.579, Info      [AddRollbackLogFiles] Find file C:\windows\Minidump\051516-52229-01.dmp, prepare to add to .cab.
2016-11-09 01:52:47.579, Info      [AddRollbackLogFiles] Find file C:\windows\debug\WIA\wiatrace.log, prepare to add to .cab.
2016-11-09 01:52:47.579, Info      [AddRollbackLogFiles] Find file C:\windows\MEMORY.DMP, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\UnattendGC\diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\UnattendGC\diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:47.611, Warning   [AddRollbackLogFiles] Find file in C:\windows\System32\winevt\Logs\Application.evtx  failed, error = 3.
2016-11-09 01:52:47.611, Warning   [AddRollbackLogFiles] Find file in C:\windows\System32\winevt\Logs\System.evtx failed, error = 3.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\WindowsUpdate.log, prepare to add to .cab.
2016-11-09 01:52:47.611, Warning   [AddRollbackLogFiles] Find file in C:\windows\Panther\Rollback failed, error = 2.
2016-11-09 01:52:47.611, Warning   [AddRollbackLogFiles] Find file in C:\windows\Panther\FastCleanup\*.* failed, error = 3.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\cbs.log, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\cbs_unattend.log, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\DDACLSys.log, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\DlTel.etl, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\setup.etl, prepare to add to .cab.
2016-11-09 01:52:47.611, Info      [AddRollbackLogFiles] Find file C:\windows\Panther\unattend.xml, prepare to add to .cab.
2016-11-09 01:52:47.611, Error     [ParseSetup360RollbackInfor]  rollbackinfo.ini doesn't exist: C:\$Windows.~BT\Sources\Rollback\rollbackinfo.ini
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::CanSendTelemetry]  Telemetry allowed through CEIP setting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::TelemetryBasedOnWER::CEIPCheck]  Begin to check CEIP.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::CheckInternet]  Begin to check Internet setting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Open an existing reg key 80000001\Software\Microsoft\Windows\CurrentVersion\Internet Settings.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::TelemetryBasedOnWER::WERCheck]  Begin to check WER settings.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Open an existing reg key 80000002\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Open an existing reg key 80000002\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Open an existing reg key 80000002\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Open an existing reg key 80000002\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::RegCheck]  Reg check passed.
2016-11-09 01:52:47.611, Info      [TelemetryUpgrade::TelemetryBasedOnWER::RemoveCorporateWerServerForWER]  Begin to check WER settings for WER server.
2016-11-09 01:52:48.125, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Watson report parameters: 
    P1 = Win10UpgradeChina
    P2 = RolledBack
    P3 = Can't find the rollbackinfo.ini
    P4 = 6.1 (7601),Service Pack 1,1, 768
    P5 = {E52ABFC2-76BB-4908-883F-CA581FDD83F9}
    P6 = -2147418113
    P7 = 1.4.9200.17364-[URL:24074:<1.4.9200.17364>:<1>]
    P8 = Undefined
    P9 = true
    P10 = Undefined.
2016-11-09 01:52:48.125, Info      [TelemetryUpgrade::TelemetryData::GenerateReport]  Start create watson report...
2016-11-09 01:52:48.141, Info      [TelemetryUpgrade::TelemetryData::GenerateReport]  Create watson report succeed!
2016-11-09 01:52:48.141, Info      [TelemetryUpgrade::TelemetryData::GenerateReport]  End create watson report...
2016-11-09 01:52:48.141, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$GetCurrent\rollback_2016_11_09_01_52_41_417.rpt.
2016-11-09 01:52:48.141, Info      [_AddFilesToCab] Find file rollback_2016_11_09_01_52_41_417.rpt, prepare to add to .cab.
2016-11-09 01:52:48.141, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_57_44_3_00000021.xml.
2016-11-09 01:52:48.172, Info      [_AddFilesToCab] Find file CompatData_2016_11_08_09_57_44_3_00000021.xml, prepare to add to .cab.
2016-11-09 01:52:48.172, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_57_45_3_00000021.xml.
2016-11-09 01:52:48.172, Info      [_AddFilesToCab] Find file CompatData_2016_11_08_09_57_45_3_00000021.xml, prepare to add to .cab.
2016-11-09 01:52:48.172, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_58_46_3_00000140.xml.
2016-11-09 01:52:48.172, Info      [_AddFilesToCab] Find file CompatData_2016_11_08_09_58_46_3_00000140.xml, prepare to add to .cab.
2016-11-09 01:52:48.172, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\CompatData_2016_11_08_09_58_47_3_00000140.xml.
2016-11-09 01:52:48.172, Info      [_AddFilesToCab] Find file CompatData_2016_11_08_09_58_47_3_00000140.xml, prepare to add to .cab.
2016-11-09 01:52:48.172, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\compatscancache.dat.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file compatscancache.dat, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\diagerr.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\diagwrn.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\GenuineTicket.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file GenuineTicket.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\setupact.log.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file setupact.log, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\setuperr.log.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file setuperr.log, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_EverythingSys.bin.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_EverythingSys.bin, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_HumanReadable.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_HumanReadable.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutput.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutput.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutputHw.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file SJfxUHJm60+g7TqH.999.3.4.0.0_APPRAISER_SetupOutputHw.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\windlp.state-old.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file windlp.state-old.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\windlp.state.xml.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file windlp.state.xml, prepare to add to .cab.
2016-11-09 01:52:48.188, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$Windows.~BT\Sources\Panther\_s_1FF4.tmp.
2016-11-09 01:52:48.188, Info      [_AddFilesToCab] Find file _s_1FF4.tmp, prepare to add to .cab.
2016-11-09 01:52:48.203, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\inf\setupapi.app.log.
2016-11-09 01:52:48.203, Info      [_AddFilesToCab] Find file setupapi.app.log, prepare to add to .cab.
2016-11-09 01:52:48.203, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\inf\setupapi.dev.log.
2016-11-09 01:52:48.219, Info      [_AddFilesToCab] Find file setupapi.dev.log, prepare to add to .cab.
2016-11-09 01:52:48.219, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\inf\setupapi.offline.log.
2016-11-09 01:52:48.219, Info      [_AddFilesToCab] Find file setupapi.offline.log, prepare to add to .cab.
2016-11-09 01:52:48.219, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Logs\DISM\dism.log.
2016-11-09 01:52:48.235, Info      [_AddFilesToCab] Find file dism.log, prepare to add to .cab.
2016-11-09 01:52:48.235, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CBS.log.
2016-11-09 01:52:48.235, Info      [_AddFilesToCab] Find file CBS.log, prepare to add to .cab.
2016-11-09 01:52:48.235, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CbsPersist_20160227153909.cab.
2016-11-09 01:52:48.235, Info      [_AddFilesToCab] Find file CbsPersist_20160227153909.cab, prepare to add to .cab.
2016-11-09 01:52:48.235, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CbsPersist_20160415232944.cab.
2016-11-09 01:52:48.250, Info      [_AddFilesToCab] Find file CbsPersist_20160415232944.cab, prepare to add to .cab.
2016-11-09 01:52:48.250, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CbsPersist_20160605150857.cab.
2016-11-09 01:52:48.281, Info      [_AddFilesToCab] Find file CbsPersist_20160605150857.cab, prepare to add to .cab.
2016-11-09 01:52:48.281, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CbsPersist_20160724015957.cab.
2016-11-09 01:52:48.375, Info      [_AddFilesToCab] Find file CbsPersist_20160724015957.cab, prepare to add to .cab.
2016-11-09 01:52:48.375, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\logs\cbs\CbsPersist_20161001202854.cab.
2016-11-09 01:52:48.375, Info      [_AddFilesToCab] Find file CbsPersist_20161001202854.cab, prepare to add to .cab.
2016-11-09 01:52:48.375, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Minidump\050716-30638-01.dmp.
2016-11-09 01:52:48.422, Info      [_AddFilesToCab] Find file 050716-30638-01.dmp, prepare to add to .cab.
2016-11-09 01:52:48.422, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Minidump\051516-52229-01.dmp.
2016-11-09 01:52:48.437, Info      [_AddFilesToCab] Find file 051516-52229-01.dmp, prepare to add to .cab.
2016-11-09 01:52:48.437, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\debug\WIA\wiatrace.log.
2016-11-09 01:52:48.437, Info      [_AddFilesToCab] Find file wiatrace.log, prepare to add to .cab.
2016-11-09 01:52:48.437, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\MEMORY.DMP.
2016-11-09 01:52:48.453, Info      [_AddFilesToCab] Find file MEMORY.DMP, prepare to add to .cab.
2016-11-09 01:52:48.453, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\UnattendGC\diagerr.xml.
2016-11-09 01:52:48.469, Info      [_AddFilesToCab] Find file diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:48.469, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\UnattendGC\diagwrn.xml.
2016-11-09 01:52:48.469, Info      [_AddFilesToCab] Find file diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:48.469, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\WindowsUpdate.log.
2016-11-09 01:52:48.484, Info      [_AddFilesToCab] Find file WindowsUpdate.log, prepare to add to .cab.
2016-11-09 01:52:48.484, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\cbs.log.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file cbs.log, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\cbs_unattend.log.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file cbs_unattend.log, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\DDACLSys.log.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file DDACLSys.log, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\diagerr.xml.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file diagerr.xml, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\diagwrn.xml.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file diagwrn.xml, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\DlTel.etl.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file DlTel.etl, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\setup.etl.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file setup.etl, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\windows\Panther\unattend.xml.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file unattend.xml, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  Add report file C:\$GetCurrent\Logs.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file downlevel_2016_11_08_19_49_53_211.log, prepare to add to .cab.
2016-11-09 01:52:48.515, Info      [_AddFilesToCab] Find file rollback_2016_11_09_01_52_41_417.log, prepare to add to .cab.
2016-11-09 01:53:09.638, Info      [TelemetryUpgrade::TelemetryBasedOnWER::SendData]  WerReportSubmit result is 2.
 

 

muito suspeito...me ajudem

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Crie uma nova conta em nossa comunidade. É fácil!

Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.

Entrar agora





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×