Win10 crashed, no Shortcuts. Is there a WinIni file in Win10

Page 4 of 7 FirstFirst ... 23456 ... LastLast

  1. Posts : 79
    win10 home 1903
    Thread Starter
       #31

    7
    Click/tap on Restart to restart the computer with a clean boot at startup, and go to step 8 below. (see screenshot below)
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-clean-boot.png
    Accounts shows that Test (a local account) is signed in. How do I sign it out when it asks me for a password to sign in?

    zbook, sorry I screwed up the CCleaner files.
    I'm calling it a night.as it will take a good while to get back to this place after I reboot - so it will be best if I attempt that in the morning. Also, before I reboot shouldn't I let SuperASpy and ESET finish their scans? I'll monitor the scans when I get up during the night.
    My apologies to you for my obtuseness. You must be a saint to have such patience. Thanks muchly for your help.
      My Computer


  2. Posts : 38,342
    windows 10 professional version 1607 build 14393.969 64 bit
       #32

    The User test was created without a specific password.
    So use no password or the password that you generally use when powering on the computer.

    The options in post #2 may be required and can get you back up and running with a clean computer.
    If the benchmarks are low during clean boot or safe mode you may consider replacing the drive:
    Crucial System Scanner
      My Computer


  3. Posts : 79
    win10 home 1903
    Thread Starter
       #33

    Good morning zbook, I think I'm somewhat back in business. Still having trouble finding which Download folder has the files in them. The temp file in my Quick Access Downloads has this morning's date. The Calamity.zip was on the Desktop.

    I let the scans ESET and Super run all night (5 more hours) and neither was finished an hour ago, so I first switched to Test and logged out, then Restarted after checking to see if all the settings for msconfig were set for a clean boot.

    Again in running V2:
    & : The term '.\resources\main.ps1' is not recognized as the name of a cmdlet, function, script file, or operable
    program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
    At line:1 char:2
    + &'.\resources\main.ps1'
    + ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (.\resources\main.ps1:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    PS C:\WINDOWS\system32>

    I've again downloaded HD Tune and had no trouble booting up but again had to start over:sync programs, etc.
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-hd-benchmark-1-april-1-.pngCPU shows 14.8% so I will try it in Safe Mode as per post #28.
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-hdtune_benchmark_samsung_hd103sj.pngSafe Mode HD
    So where do I go from here?


    I have a relatively busy day, complicated by COVID-19, so please hang in there and Thank You again.
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10 Attached Files
    Last edited by Gomer; 01 Apr 2020 at 05:50.
      My Computer


  4. Posts : 38,342
    windows 10 professional version 1607 build 14393.969 64 bit
       #34

    1) The DM log collector displayed that the files were recently cleaned.
    So there was very limited data to troubleshoot.

    2) Place the computer in safe mode:
    Boot into Safe Mode on Windows 10

    3) See if you can run these in safe mode:

    a) malwarebytes:
    https://www.malwarebytes.com/
    https://www.malwarebytes.com/mwb-download/

    b) kaspersky
    Kaspersky Virus Protection Software 2020 - Free & Trial Downloads | Kaspersky

    c) V2 log collector (extract all)
    BSOD - Posting Instructions

    d)
    Code:
    function wh   
        {  
            Param ( [parameter (Mandatory = $true)][string]$txt )  
            Write-Host $txt -ForegroundColor Green -BackgroundColor Black -NoNewline  
            ##Example usage wh "Alias for `n Write-Host"  
      
        } ## End function wh  
      
      
    function StartScript   
        {  
            ##Locating Temp Dir and writing Transcript  
            $global:tempDir = [System.IO.Path]::GetTempPath()   
            MD $tempDir\LOGS -EA SilentlyContinue   
            CD $tempDir\LOGS  
            $txtCount = Get-Item $tempDir/LOGS/*.TXT -EA SilentlyContinue  
            if((Get-Host).Version.Major -cge 5) ##WIN7 Not Supported  
                {  
                    if($txtCount.Count -cge 1)   
                    {Start-Transcript -Append -Path $tempDir/LOGS/Event-Search.TXT}   
                    Else{Start-Transcript -Path $tempDir\LOGS\Event-Search.TXT}   
                }  
      
            $global:explore = $tempDir + "LOGS\"  
            $global:Ver = "1.6.3"  
            wh "`nLog Collection... (V$Ver)`n"  
      
            #clearing previous actions  
            Stop-Job *  
      
            #Initialize CheckBox Vars to $True/$False  
                $Global:EventsCollect = $true; $Global:SetupDiagCollect = $true  
                    $Global:UpdatesCollect = $true; $Global:WLANCollect = $true  
                        $Global:PowerCollect = $true; $Global:GPCollect = $true  
                            $Global:miscCollect = $true; $Global:bingCollect = $true  
                                $Global:eventOut = $false        
            #Clear Jobs  
            Stop-Job *  
            Remove-Job *  
                                              
        } ## End function Start-Script  
      
      
    function SetupDiagFunc  
        {  
            wh "`n Grabbing SetupDiag.exe ..."       
            Invoke-WebRequest https://go.microsoft.com/fwlink/?linkid=870142 -OutFile $tempDir\SetupDiag.exe -TimeoutSec 3 -UseBasicParsing  
                #check for successful download  
                if((Get-Item $tempDir\SetupDiag.exe).length -gt 100000)  
                    {  
                      wh "`nSuccessful DL!"  
                      wh "`n Invoking SetupDiag.exe ..."  
                      $SetupDiag = {CMD.EXE /C "%temp%\setupdiag.exe /Verbose /Output:%temp%\SetupDiag-Log.txt"}  
      
                      ## Kick-Off SetupDiagJob  
                      Start-Job -Name SetupDiagJob -ScriptBlock $SetupDiag                     
                      
                    }Else{Write-Host "`nDownload of SetupDiag.exe Failed!" -BackgroundColor RED }  
      
        } ## End Function SetupDiagFunc  
      
      
    function EventSearch  
        {  
        wh "`n Starting EventSearch Job-Function ...`n"  
        ## Gathering Events from System using Get-WinEvent via Job  
        $EventSearchJob =   
            {  
            $evtPaths = Get-Item C:\Windows\System32\Winevt\Logs\*.evtx -Exclude "*PowerShell*",   
                "*known folders*" | Select-Object FullName  
            $i = $evtPaths.Count  
      
            $x = 0 ##For 1st Loop do Until x = i  
            $events = @()  
            $gatherEvents = @()  
            $eventsArray = @()  
            $searchResult = @()  
            $MaxEvents = 99  
      
            #Loading/Gathering Events Loop...  
            do {  
           
                ##Getting Events w/ Get-WinEvent         
                $gatherEvents = Get-WinEvent -Path $evtPaths[$x].FullName -MaxEvents $MaxEvents -EA SilentlyContinue  
                $events = $events + $gatherEvents             
      
                $x++  
                  
                }  
                 Until ($x -eq $i)      
      
            $x = $x +1 ##Total Events Found!  
              
            $eventsLength = $events.Length ##Total events catalogged!  
              
            $xx = 0  
                   
            # Write Event Properties to a row and roll it out - Collapsing Array ...   
            do {  
                   $date = $events[$xx].TimeCreated | Get-Date -Format "yyyyMMdd".ToString() -EA SilentlyContinue ##EA SC for Blank Entries  
                      
                    $eventRow = new-object PSObject -Property @{  
                    Date = $date;  
                    Id = $events[$xx].Id;  
                    Level = $events[$xx].LevelDisplayName;  
                    Provider = $events[$xx].ProviderName;  
                   Message = $events[$xx].Message;  
                    }  
      
                    $cRow = $date + " " + "ID:" +  $events[$xx].Id + " " + "Level:" + $events[$xx].LevelDisplayName + " " + "Provider:" + $events[$xx].ProviderName + " " + "Message:" + $events[$xx].Message   
                    $eventsArray += $cRow  
                   
                    $xx++  
                    $d++  
            }  
            Until ($xx -eq $events.Length)  
     
            ##Looking for patterns error or fail in $eventsArray  
            $search = $eventsArray | Select-String -pattern ("error|fail") 
     
            Return $search ## | Write-Output ##Output for job  
      
            } ## End $EventSearchJob  
      
        Start-Job -Name EventSearchJob -ScriptBlock $EventSearchJob  
      
        } ## End function Event-Search  
      
      
    function writeSearch  ##   
        {  
            ##Event Logs Cont.  
            MD $tempDir\LOGS\EVTX\ -EA SilentlyContinue 
     
            ##output to file  
            $search | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name -Wrap > TOP-ERRORS.TXT  
            $search > $tempDir\LOGS\SEARCH.TXT  
      
        if($Global:eventOut -eq $True)  
            {  
            $search | Group-Object | Sort-Object Count -Descending |   
                Select-Object -Property Count, Name | Out-GridView -Title "Top `"Errors`" via EVTX - V-$Ver"  
            }  
      
            wh "`n Collecting Matching EVTX Entries ...`n"     
            #Collecting all prev matching EVTX  
            #$evtx = Get-ChildItem C:\Windows\System32\Winevt\Logs\*.evtx  
            $evv = 0  
                      
               $providerName =   
                   (($search | Select-String "Provider:.*Message:").Matches.Value -Replace   
                          " Message:", "" -Replace "Provider:", "" | Group-Object ).Name  
                  
                #Converting Provider Name to Log Name                 
                $providerName = (($providerName | ForEach-Object {Get-WinEvent -ProviderName $_ -MaxEvents 1 -EA SilentlyContinue}).LogName | Group-Object).Name     
                   $providerName = $providerName -replace "Microsoft.", ""  
                      $providerName = $providerName -replace "Windows.", ""  
                         $providerName = $providerName -replace "`/.*$", ""  
                               
                               
                             $evtx = $providerName | foreach{Get-ChildItem "C:\Windows\System32\winevt\logs\*$_*"}  
      
                    Do{  
                        COPY $evtx[$evv].PSPath $tempDir\LOGS\EVTX\ 
                           $evv++  
                      }  
                      Until($evv -eq $evtx.Count)  
      
        } #End function writeSearch  
      
      
    function GetUpdates  
        {  
            wh "`n Starting Get-WindowsUpdateLog Job-Function ...`n"  
            $updateJob = {get-WindowsUpdateLog}  
             
            if((Get-Host).Version.Major -cge 5) ##Modern Gatherer  
            {  
                Start-Job -Name GetUpdates -ScriptBlock $updateJob  
            }  
              
            ##Legacy Gatherer  
            CP C:\Windows\WindowsUpdate.log $tempDir\LOGS\WindowsUpdate.log  
      
            ##Installed-Updates/Packages 
            Get-WmiObject win32_quickfixengineering > $tempDir\LOGS\Installed_Updates.TXT  
            Get-WmiObject Win32_OperatingSystemQFE >> $tempDir\LOGS\Installed_Updates.TXT  
        DISM /Online /Get-Packages /Format:Table >> $tempDir\LOGS\Installed_Updates.TXT 
      
        } ## End function Get-Updates  
      
           
    function PrinterCheck  
        {  
            wh "`n Getting Printer Information ..."  
            get-printer | ft Name, ComputerName, Type, DriverName, PortName, Datatype, Location, DriverName > $tempDir\LOGS\Printers.TXT  
            get-printerDriver | fl >> $tempDir\LOGS\Printers.TXT  
            Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append  
            Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append  
            Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" | Out-File $tempDir\LOGS\Printers.TXT -Append  
            write-output "## CBS ntprint CHECK ##" >> $tempDir\LOGS\Printers.TXT  
            $cbsCheck = (Get-ChildItem C:\Windows\Logs\CBS\*cbs* -Recurse | select-string -Pattern "E_INVALIDARG in eventsXml.*Microsoft-Windows-PrintService")  
            if($cbsCheck.Count -eq 0){Write-Output "## NO MATCHES IN CBS ##" >> $tempDir\LOGS\Printers.TXT} Else{$cbsCheck | Group-Object  >> $tempDir\LOGS\Printers.TXT}  
            write-output "## ntprint.dll CHECK ##" >> $tempDir\LOGS\Printers.TXT  
            (Get-ChildItem C:\Windows\System32\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT  
            (Get-ChildItem C:\Windows\SysWOW64\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT  
      
        } ## End function PrinterCheck  
      
      
    function UpdateHelper  
        {  
        if((Get-Host).Version.Major -cge 5)  
            {  
                $winupdatelog = get-item $tempDir\LOGS\windows-update.log    ##WIN-10 File  
                MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue | Out-Null  
                CP C:\Windows\Logs\WindowsUpdate\*.etl $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue  
            }  
                Else{$winupdatelog = get-item $tempDir\LOGS\windowsupdate.log} ##LEGACY File  
      
        $updateError = ($winupdatelog | select-string -pattern "error.*0x........");  
        $updateErrorSplit = $updateError -Split " "  
        $updateErrorCount = (($updateErrorSplit | select-string -pattern "0x........") -Replace "[(),'`.:]", "" -Replace "hr=", "");  
      
        $updateErrorCount | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT -Width 999  
        $updateError >> UPDATE-ERRORS.TXT  
        if($updateError.length -eq 0){"No `"error.*0x........`" patterns Found in Windows-Update.log" | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT}  
      
        ($winupdatelog | Select-String "KB\d\d\d\d\d\d\d" | Select-string "fail") | Out-file $tempDir\LOGS\UPDATE-ERRORS.TXT -Append -width 999  
      
        } ## End function UpdateHelper  
      
      
    function getProcesses  
        {  
        wh "`nGetting Active Process ...`n"   
        Get-Process > $tempDir\LOGS\Running-Processes.TXT  
        CMD.EXE /C "tasklist /svc" | Out-File -Append  $tempDir\LOGS\Running-Processes.TXT  
          
        } ## End function getProcesses  
      
      
    function GetApps  
        {  
        wh "`n Getting List of Installed Apps...`n"  
        Get-WmiObject -Class Win32_Product | Format-Table -Property Name, Version, Vendor > $tempDir\LOGS\Installed-Apps.TXT  
        Get-AppxPackage | ft Name, Version, InstallLocation, IspArtiallyStaged, SignatureKind, Status >> $tempDir\LOGS\Installed-Apps.TXT  
          
        } ## End function GetApps  
      
      
    function SetupLogs  
        {  
        wh "`nGetting Windows Setup Logs Independent of SetupDiage.exe...`n"  
            MD $tempDir\LOGS\SETUP\ -EA SilentlyContinue  
        dir C:\ > $tempDir\LOGS\Dir_Structure.txt  
          
        ## Main Setup Collection  
        if($env:SystemDrive -eq 'C:') ##Verify SystemDrive  
        {  
            $SetupPaths = @()  
      
            $locations = @(  
                'C:\GetCurrent',  
                'C:\$Reset',  
                'C:\$SysReset',  
                'C:\$Windows.~BT',  
                'C:\$Windows.~WS',  
                'C:\Windows\Logs\',  
                'C:\Windows\Panther\',  
                'C:\Windows\inf\',  
                'C:\Windows\System32\LogFiles\',  
                'C:\Windows\System32\SysPrep\',  
                'C:\Windows10Upgrade',  
                'C:\Windows.old\Windows\Panther')  
      
            for($i = 0; $locations.count -gt $i; $i++)  
            {   
                if((get-item $locations[$i] -Force -EA SilentlyContinue).length -gt 0) ##Null Path Check -Force for Hidden  
                {  
                    CD $locations[$i]  
                    ##Search includes setuperr/setupact only  
                    $SetupPaths += Get-ChildItem * -Force -Recurse -Include setuperr.log, setupact.log, miglog.xml, *APPRAISER_Humanreadable.xml -EA SilentlyContinue      
                }  
            }  
      
            $cleanPaths = @()  
      
            for($i = 0; $SetupPaths.count -gt $i; $i++)  
            {  
                $cleanPaths += $SetupPaths[$i].PSParentPath.ToString() -replace "Microsoft\.PowerShell\.Core\\FileSystem\:\:C\:\\", ""  
            }  
      
            CD $tempDir\LOGS\SETUP\  
            MD $cleanPaths -Force  
            CD $tempDir\LOGS\  
      
            for($i = 0; $SetupPaths.count -gt $i; $i++)  
            {  
                $destPath = "$tempDir\LOGS\SETUP\" + $cleanPaths[$i]  
                $copyPathLog = ($SetupPaths[$i].ToString())  
                  
                Copy  $copyPathLog -Destination $destPath  
            }  
          
        }Else{Write-Host "`nSystem Drive is not C:... Setup Collection Aborted!`n"}  
        ## End Main Setup Collection  
          
              
            ## Setup Reg Output      
            Get-ChildItem HKLM:\SYSTEM\SETUP\ | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT  
            Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\Me* -recurse -EA SilentlyContinue | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append  
            Get-Childitem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append  
      
            ## SetupAct String Search  
      
      
              
             $setupRegx = @("MOUPG SetupHost..Initialize:",  
                            "============================",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Initialize. CmdLine"),  
                            "",  
                            "MOUPG Setup build & Host OS Build:",  
                            "==================================",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Setup build"),  
                            "...",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG      Host OS"),  
                            "",  
                            "Watson Parameters (4&5):",  
                            "=======================",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Watson Bucketing Parameters\[[4-5]\]" ),  
                            "",  
                            "\[0x........\]Error:",  
                            "==================",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "\[0x........\]\[0x.....\]"),  
                            "",  
                            "`"FATAL`":",  
                            "======",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "FATAL" | Select-String -NotMatch "FatalExecutionEngineError" | Select-String -NotMatch "non-fatal"),  
                            "",  
                            "`"Error   `":",  
                            "===========",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Error   "),  
                            "",  
                            "MIGRATE.*DATA:",  
                            "==============",  
                            "",  
                            (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MIGRATE.*DATA"),  
                            ""             
                            )  
                $q=0  
                Do {$setupRegx[$q] | Out-File $tempDir\LOGS\SETUP\SetupAct-Regex.TXT -Append -Width 999 ##spool out results  
                                      $q++                    
                                                }Until($q -eq $setupRegx.Count)  
      
        } ## End function SetupLogs  
      
      
    function powerCFGInfo  
        {  
        MD $tempDir\LOGS\POWER\ -EA SilentlyContinue  | Out-Null  
        wh "`n Grabbing PowerCFG, Sleep & Battery Info ...`n"  
          
        ("`n" + "Available Sleep States (/A): `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        powercfg /a | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
        ("`n" + "-DeviceQuery Wake_Armed: `r" + "`n" +"========================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        powercfg -devicequery wake_armed  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
        ("`n" + "Last Wake (-lastwake):  `r" + "`n" +"=====================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        powercfg -lastwake  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
        ("`n" + "-Requests: `r" + "`n" +"==========`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        powercfg -requests  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
        $powerList = powercfg -list  
        $powerList | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        $powerActive = $powerList | select-string "\*" | powercfg /QH "$_"   
        ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
        ("`n" + "Active Power Scheme Details: `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
        $powerActive | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
      
      
        if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support powercfg /battery /sleepstudy  
             {   
               $ifbattery = Get-WmiObject win32_battery  
               if ( $ifbattery.__SERVER.count -cge 1 ) { CMD.EXE /C "powercfg /batteryreport /output %temp%\LOGS\POWER\battery-report.html" }  
               CMD.EXE /C "powercfg /sleepstudy /output %temp%\LOGS\POWER\sleepstudy-report.html"  
             }  
               CMD.EXE /C "powercfg /ENERGY /duration 10 /output %temp%\LOGS\POWER\energy-report.html"         
          
        } ## End function powerCFGInfo  
      
      
    function sysProductCheck  
        {  
        wh "`n Getting SystemProductName ...`n"  
        ##SystemInformation Reg   
        reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\ /v SystemProductName  > $tempDir\LOGS\REG_SystemProductName.TXT   
        Get-WmiObject Win32_ComputerSystem > $tempDir\LOGS\WMI_Object_System.TXT  
        Get-WmiObject Win32_ComputerSystemProduct >> $tempDir\LOGS\WMI_Object_System.TXT  
          
        } ## End functions sysProductCheck  
      
      
    function showWLAN  
        {  
        wh "Generating NETSH WLAN Report...`n"  
      
        $showWLANjob = {  
                        CMD.EXE /c "netsh wlan show networks mode=ssid > %temp%\LOGS\Network\wlan.txt"  
                        CMD.EXE /c "netsh wlan show networks mode=bssid >> %temp%\LOGS\Network\wlan.txt"  
                        CMD.EXE /c "netsh winhttp show proxy > %temp%\LOGS\Network\proxy.txt"  
                        CMD.EXE /c "netsh wlan show wlanreport & COPY C:\ProgramData\Microsoft\Windows\wlanReport\wlan-report-latest.html %temp%\LOGS\Network\wlan-report-latest.html"   
                        ##WIN7 Does not Support netsh wlanreport                                                    
                        }   
      
        Start-Job -Name showWLAN -ScriptBlock $showWLANjob  
      
        } ## End function sysProductCheck  
      
      
    function getGPRESULT  
        {  
        wh "`nGetting GPRESULT...`n"  
        CMD.EXE /C "GPRESULT /V > %temp%\LOGS\GPRESULT.TXT"  
          
        } ## End function getGPRESULT  
      
      
    function reservedCheck  
        {       
             
        $reservedJob =   
            {  
            $vol = (mountvol /L | select-string -Pattern "\\\\")  
            $volstring = "mountvol y:" + $vol[0]  
            CMD.EXE /C $volstring  
          
            SLEEP 2  
      
            CMD.EXE /C "CHKDSK y: > %temp%\LOGS\SystemReserved.TXT"  
          
            SLEEP 2 # Pause after drive dismount  
          
            CMD.EXE /C "mountvol y: /D"  
            }  
      
        Start-Job -Name reservedJob -ScriptBlock $reservedJob  
          
        } ## End function reservedCheck  
      
      
    function fltmcCheck  
        {  
        wh "`n Getting fltmc Filters ...`n"  
        CMD.EXE /c "fltmc filters > %temp%\LOGS\fltmc_filters.TXT"  
          
        } ## End function fltmcCheck  
      
      
    function getDXDiag  
        {  
        wh "`n Grabbing DXDiag Info...`n"  
        C:\Windows\System32\dxdiag /x $explore\DxDiag  
          
        } ## End function getDXDiag  
      
      
    function getMSINFO  
        {  
        wh "`n Gathering MSINFO32 ...`n"  
        ## check if msinfo is already gathering - if so stop  
        If((get-process | select-string -Pattern "msinfo").Pattern -eq "msinfo")  
        {Stop-Process -ProcessName msinfo32}  
      
            C:\Windows\System32\msinfo32.exe /nfo $tempDir/LOGS/MSINFO32.NFO  
                     
        } ## End function getMSINFO  
      
      
    function getAV  
        {  
         if((Get-Host).Version.Major -cge 5) ##Modern OS Only  
            {  
            wh "`n Grab root\SecurityCenter2 AntivirusProduct ...`n"  
            $avPath = (Get-WmiObject -Namespace root\SecurityCenter2 -Class AntivirusProduct) | % {$_.pathtoSignedProductEXE}  
            "AV Info" + "`n========" | Out-File $tempDir/LOGS/SecurityProductInformation.TXT 
        $avPath | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append  
            if($avPath[0] -match "exe")  
                {   
                    $path = (Get-Item $avPath[0]).PSParentPath  
                    Get-Item $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append  
                    Get-Content $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append             
                }  
                Get-ChildItem "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\" -recurse -EA SilentlyContinue | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append      
            }  
        } ## End function getAV  
      
      
    function getDrivers  
        {  
        wh "`n Grabbing Driver listing via DISM.EXE ...`n"  
            $drivers = cmd.exe /C "dism /online /get-drivers /format:table"  
            $drivers += cmd.exe /C "dism /online /get-drivers /all /format:table"  
            $drivers | Out-File $tempDir/LOGS/DISM-Get-Drivers.TXT  
        wh "`n Done!`n"  
        } ## End Function getDrivers  
      
      
    function getMISCLogs  
        {  
            wh "`nCopying misc. logs ...`n"   
            MD $tempDir\LOGS\WER\ -EA SilentlyContinue   
            MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue  
            CP "C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\*" $tempDir\LOGS\WER\ -Recurse -EA SilentlyContinue  
            CP "C:\Windows\Logs\CBS\*cbs*" $tempDir\LOGS\Windows\Logs\  
            CP "C:\Windows\Logs\DISM\*dism*" $TempDir\LOGS\Windows\Logs\  
            CP "C:\Windows\Logs\WindowsUpdate\*" $TempDir\LOGS\Windows\Logs\WindowsUpdate\  
      
                
            #DMP Collect  
            $dmp = @()  
            $dmp += Get-ChildItem C:\Windows\*.dmp   
            $dmp += (Get-ChildItem C:\Windows\LiveKernelReports\*.dmp -Recurse -EA SilentlyContinue)  
            $dmp += (Get-ChildItem C:\Windows\Minidump\*.dmp -Recurse -EA SilentlyContinue)  
            #Validate empty array  
            if($dmp.length -ne 0)  
                {  
                $dd=0  
                      Do{       
                            If($dmp[$dd].length -lt 2000000)  
                                { $destPath = $dmp[$dd].PSParentPath.Replace('C:\', '').Replace('Microsoft.PowerShell.Core\FileSystem::', '')  
                                    MD $destPath -EA SilentlyContinue 
                                        COPY -Path $dmp[$dd].PSPath -Destination $destPath }  
                            $dd++  
                        }  
                        Until($dd -eq $dmp.Count)  
                }  
     
             #disk info 
             "`nGet-Disk:`n=========" > $tempDir\LOGS\Disk-Info.TXT  
             Get-Disk |fl >> $tempDir\LOGS\Disk-Info.TXT 
             "`nGet-Partition:`n==============" >> $tempDir\LOGS\Disk-Info.TXT  
             Get-Partition >> $tempDir\LOGS\Disk-Info.TXT 
             Manage-bde -protectors -get C: >> $tempDir\LOGS\Disk-Info.TXT 
             "`nIO Fail Search:`n===============`n" >> $tempDir\LOGS\Disk-Info.TXT 
             $search | Select-String ".*io.fail.*" | Select-String -NotMatch '0, 0, 0, 0' >> $tempDir\LOGS\Disk-Info.TXT        
      
        } ## End function getMISCLogs  
      
      
    function bingCollect  
        {  
            ##O365 Firewall Check & Bing.com diagnostics.asp  
            ##URIs based on Article:   
            ##https://support.office.com/en-us/article/Network-requests-in-Office-365-ProPlus-and-Mobile-eb73fcd1-ca88-4d02-a74b-2dd3a9f3364d  
                    
            MD $TempDir\LOGS\Network\ -EA SilentlyContinue  
      
            wh "Performing Bing & O365 URI Check ... `n"  
      
      
                  $bingCheck = (Invoke-WebRequest -Uri https://www.bing.com/fdv2/diagnostics.aspx -UseBasicParsing)   
                  $bingCheck | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT  
                     
                  $URIs = @('api.login.microsoftonline.com',    #0  Standard Reply = 403  
                  'api.passwordreset.microsoftonline.com',      #1  Standard Reply = 200  
                  'becws.microsoftonline.com',                  #2  Standard Reply = 403  
                  'clientconfig.microsoftonline-p.net',         #3  Standard Reply = 404  
                  'companymanager.microsoftonline.com',         #4  Standard Reply = 403  
                  'device.login.microsoftonline.com',           #5  Standard Reply = 200  
                  'graph.microsoft.com',                        #6  Standard Reply = 404  
                  'hip.microsoftonline-p.net',                  #7  Standard Reply = 404   
                  'hipservice.microsoftonline.com',             #8  Standard Reply = 404  
                  'login.microsoft.com',                        #9  Standard Reply = 200  
                  'login.microsoftonline.com',                  #10 Standard Reply = 200  
                  'logincert.microsoftonline.com',              #11 Standard Reply = 200   
                  'loginex.microsoftonline.com',                #12 Standard Reply = 200  
                  'login-us.microsoftonline.com',               #13 Standard Reply = 200  
                  'login.microsoftonline-p.com',                #14 Standard Reply = 200  
                  'login.windows.net',                          #15 Standard Reply = 200  
                  'nexus.microsoftonline-p.com',                #16 Standard Reply = 403  
                  'passwordreset.microsoftonline.com',          #17 Standard Reply = 200  
                  'provisioningapi.microsoftonline.com',        #18 Standard Reply = 403  
                  'stamp2.login.microsoftonline.com',           #19 Standard Reply = 200  
                  'ccs.login.microsoftonline.com',              #20 Standard Reply = 401  
                  'ccs-sdf.login.microsoftonline.com',          #21 Standard Reply = 401  
                  'accounts.accesscontrol.windows.net',         #22 Standard Reply = 200  
                  'secure.aadcdn.microsoftonline-p.com',        #23 Standard Reply = 400  
                  'windows.net',                                #24 Standard Reply = 200  
                  'phonefactor.net',                            #25 Standard Reply = 200  
                  'account.activedirectory.windowsazure.com',   #26 Standard Reply = 404  
                  'secure.aadcdn.microsoftonline-p.com',        #27 Standard Reply = 400  
                  'login.windows.net',                          #28 Standard Reply = 200  
                  'provisioningapi.microsoftonline.com',        #29 Standard Reply = 403  
                  'mscrl.microsoft.com',                        #30 Standard Reply = 400  
                  'secure.aadcdn.microsoftonline-p.com',        #31 Standard Reply = 400  
                  'windowsupdate.microsoft.com',                #32 Standard Reply = 200  
                  'update.microsoft.com',                       #33 Standard Reply = 200  
                  'au.download.windowsupdate.com',              #34 Standard Reply = 200  
                  'download.windowsupdate.com',                 #35 Standard Reply = 200  
                  'download.microsoft.com',                     #36 Standard Reply = 200  
                  'tlu.dl.delivery.mp.microsoft.com');          #37 Standard Reply = 403  
              
                     
                  $count = 0;  
                  $queryResult [email protected]{};  
                     
                  Write-Host "Checking URIs .." -NoNewline  
                     
                  Do {           
                          Try{  
                          $queryResult[$count] = (Invoke-WebRequest -Uri ("http:`/`/" + $URIs[$count]) -Method Head -UseBasicParsing -TimeoutSec 2).RawContent  
                             }Catch{ $catch = $_ }  
                     
                              if($queryResult[$count].Count -eq 0)  
                                      {$queryResult[$count] = ($catch[$catch.count -1].ToString()).Replace("`n", " ")}                                     
                          Write-Host "." -NoNewline           
                          $count++         
                      }Until ($count -eq ($URIs.Count));                            
                  Write-Host "."  
                      
                      Get-Date | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append  
                      $queryResult | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append  
                        
            Write-Host " Bing Check", `n, "==========" | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append  
            
                  wh "`n`n`n`URL Check Finished...`n"   
        }  
      
      
    function smbConfig  
    {  
      
        $CMDs =  
        {   cmd.exe /c "net config server"    
            cmd.exe /c "net config workstation"  
            Get-SmbClientNetworkInterface  
            Get-SmbServerConfiguration  
            Get-SmbClientConfiguration  
            Get-ChildItem "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer"   
            Get-NetAdapterAdvancedProperty | ft }  
      
        ForEach-Object{Invoke-Command $CMDs | Out-File $TempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}  
      
        $share = Get-SmbShare  
      
        ForEach-Object{Get-SmbShareAccess $share.Name | ft  | Out-File $tempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}  
      
    } ## End Function smbConfig  
      
      
    function regLang  
        {       
            DISM.EXE /Online /Get-Intl  | Out-File $tempDir\LOGS\Reg-Lang.TXT  
            "`n","Get-WinUserLanguageList","=======================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append  
            Get-WinUserLanguageList     | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append  
            "`n","Get-WinLanguageBarOption","========================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append  
            Get-WinLanguageBarOption    | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append  
        }  
      
      
    function autoRotate  
        {  
            Get-ChildItem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Auto* | Out-File $tempDir\LOGS\AutoRotate.TXT  
        }  
      
      
    function checkBoxes  
       {  
            Add-Type -AssemblyName System.Windows.Forms  
            Add-Type -AssemblyName System.Drawing  
      
            $Global:form = New-Object System.Windows.Forms.Form  
            $Global:form.Text = "LOGS-V$ver"  
            $Global:form.Size = New-Object System.Drawing.Size(300,400)  
            $Global:form.StartPosition = 'CenterScreen'  
      
            $OKButton = New-Object System.Windows.Forms.Button  
            $OKButton.Location = New-Object System.Drawing.Point(100,300)  
            $OKButton.Size = New-Object System.Drawing.Size(75,23)  
            $OKButton.Text = 'OK'  
            $OKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK  
            $Global:form.AcceptButton = $OKButton  
            $Global:form.Controls.Add($OKButton)  
             
            $Global:form.ControlBox = $false  
              
                $Global:boxNum = 1  
                $Global:checkBox = @{} #hash for $checkBox  
                $tag = @{} #hash for $label  
                $Global:Box = @{}  
      
                function createCheckBox   
                    {  
                        Param ( [parameter (Mandatory = $true)][string]$name,  
                                [parameter (Mandatory = $true)][string]$label )  
                          
                        $drawingPoint = (50 + ($boxNum *25))  
      
                        $Global:checkBox[$boxNum] = New-Object System.Windows.Forms.CheckBox  
                        $Global:checkBox[$boxNum].Location = New-Object System.Drawing.Point(10,$drawingPoint)  
                        $Global:checkBox[$boxNum].Size = New-Object System.Drawing.Size(15,15)  
                        $Global:checkBox[$boxNum].Text = ''  
                        $Global:checkBox[$boxNum].Checked = $true  
                        $Global:form.Controls.Add($checkBox[$boxNum])  
                        #SetupDiag Label  
                        $tag[$boxNum] = New-Object System.Windows.Forms.Label  
                        $tag[$boxNum].Location = New-Object System.Drawing.Point(40,$drawingPoint)  
                        $tag[$boxNum].Size = New-Object System.Drawing.Size(280,20)  
                        $tag[$boxNum].Text = "$label"  
                        $Global:form.Controls.Add($tag[$boxNum])  
      
                        $Global:boxNum ++  
                      
                    } #End nested function createCheckBox   
                
                createCheckBox -name "EV" -label "EventSearch EventLog Helper"       #1  
                createCheckBox -name "SD" -label "SetupDiag.EXE Setup Diagnostics"   #2  
                createCheckBox -name "WU" -label "Get-WindowsUpdateLog Collection"   #3  
                createCheckBox -name "IP" -label "Network Information"               #4  
                createCheckBox -name "PW" -label "POWERCFG. Sleep & Battery Info"    #5  
                createCheckBox -name "GP" -label "GPResult Info"                     #6  
                createCheckBox -name "MS" -label "General Machine Info"              #7  
                createCheckBox -name "EO" -label "EventSearch Out-GridView"          #8            
                     
                #Checkbox State Changes               
                $Global:checkBox[1].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[1].checked -eq $True){ $Global:EventsCollect = $true ; Write-Host "." -nonewline} Else{ $Global:EventsCollect = $false }  
                                  
                        })             
                $Global:checkBox[2].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[2].checked -eq $True){ $Global:SetupDiagCollect = $true ; Write-Host "." -nonewline} Else{ $Global:SetupDiagCollect = $false }  
                                  
                        })  
                $Global:checkBox[3].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[3].checked -eq $True){ $Global:UpdatesCollect = $true ; Write-Host "." -nonewline} Else{ $Global:UpdatesCollect = $false }  
                                  
                        })  
                $Global:checkBox[4].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[4].checked -eq $True){ $Global:WLANCollect = $true ; Write-Host "." -nonewline} Else{ $Global:WLANCollect = $false }  
                                  
                        })  
      
                $Global:checkBox[5].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[5].checked -eq $True){ $Global:PowerCollect = $true ; Write-Host "." -nonewline} Else{ $Global:PowerCollect = $false }  
                                  
                        })  
                $Global:checkBox[6].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[6].checked -eq $True){ $Global:GPCollect = $true ; Write-Host "." -nonewline} Else{ $Global:GPCollect = $false }  
                                  
                        })  
                $Global:checkBox[7].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[7].checked -eq $True){ $Global:miscCollect = $true ; Write-Host "." -nonewline} Else{ $Global:miscCollect = $false }  
                                  
                        })  
      
                 $Global:checkBox[8].Add_CheckStateChanged(  
                        {   
                            if($Global:checkBox[8].checked -eq $True){ $Global:eventOut = $true ; $Global:checkBox[1].checked = $true; Write-Host "x" -nonewline} Else{ $Global:eventOut = $false }  
                                  
                        })  
                                               
            $Global:checkBox[8].Checked = $false  
            $mainText = New-Object System.Windows.Forms.Label  
            $mainText.Location = New-Object System.Drawing.Point(62,30)  
            $mainText.Size = New-Object System.Drawing.Size(260,20)  
            $mainText.Text = 'Choose which logs to collect:'  
            $Global:form.Controls.Add($mainText)  
            $result = $Global:form.ShowDialog()  
            SLEEP 1  #testing Topmost lag  
            $Global:form.Topmost = $true  
      
            #OK Button ...   
            if ($result -eq [System.Windows.Forms.DialogResult]::OK)  
            {  
                $x = $textBox.Text  
                $x  
            }       
      
        } #End function checkBoxes  
      
      
    Function werHint  
    {  
        $WERs = Get-ChildItem $tempDir\LOGS\WER\*.wer -Recurse  
      
        $WERArray = @()  
      
        $Date = $WERs | Select-String -pattern "eventtime=" | % {$_ -Replace("C:.*EventTime=", "")}  
        $eventType = $WERs | Select-String -pattern "EventType=" | % {$_ -Replace("C:.*EventType=", "")}  
        $Sig0Nam = $WERs | Select-String -pattern "Sig\[0\].Name" | % {$_ -Replace("C:.*Sig\[0\].Name=", "")}  
        $Sig0Val = $WERs | Select-String -pattern "Sig\[0\].Value" | % {$_ -Replace("C:.*Sig\[0\].Value=", "")}  
        $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}  
        $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}  
        $Sig4 = $WERs | Select-String -pattern "Sig\[4\].Value" | % {$_ -Replace("C:.*Sig\[4\].Value=", "")}  
      
        #ConvertDateTime  
        $epoch = [datetime]"01/01/1601 00:00"  
        $date = $date | foreach{$epoch.AddSeconds($_/10000000)}   
        $convertedDate = foreach($Date in $Date) {Get-Date $Date -Format G}  
      
        $WERarray = 0..($convertedDate.Length -1) | Select-Object @{n="Id";e={$_}},   
            @{n="Date";e={$convertedDate[$_]}}, @{n="EventType";e={$eventType[$_]}},  
                @{n="S0-Name";e={$Sig0Nam[$_]}}, @{n="S0-Value";e={$Sig0Val[$_]}}, @{n="S3";e={$Sig3[$_]}},   
                    @{n="S4";e={$Sig4[$_]}}  
      
        $WERArray |Sort-Object -Descending Date | ft -autosize Date, EventType, S0-Name, S0-Value, S3, S4  |   
            Out-File $tempDir\LOGS\WER-SUMMARY.TXT -Width 500  
      
    } ## End Function werHint  
      
      
      
    ### FUNCTIONS_INIT ###   
      
            $Script:Cancel = @{}  
      
            StartScript #function  
            checkBoxes  
              
            ## SetupDiagCollect   #2  
            if($Global:SetupDiagCollect -eq $True)  
                {  
                SetupDiagFunc #function & job   
                wh "...`n"  
                }  
            ## EventSearch         #1  
            if($Global:EventsCollect -eq $True)  
                {  
                EventSearch #function & job  
                wh "...`n"  
                }  
      
            ## Get-WindowsUpdate   #3  
            if($Global:UpdatesCollect -eq $True)  
                {  
                GetUpdates #function & job  
                wh "...`n`n"  
                }  
      
            ## WLAN/Wifi Collect    #4  
            if($Global:WLANCollect -eq $True)      
                {  
                bingCollect #function  
                wh "...`n"  
                showWLAN #function & job   
                wh "...`n"  
                smbConfig #function  
                }  
      
            ## Power/Battery Collect:#5  
            if($Global:PowerCollect -eq $True)  
                {  
                powerCFGInfo #function - make job takes a min  
                wh "...`n"  
                }  
      
            ## GPRESULT Collection:  #6  
            if($Global:GPCollect -eq $True)  
                {  
                getGPRESULT #function  
                wh "...`n"  
                }  
      
            ## Misc Logs Collection: #7        
            if($Global:miscCollect -eq $True)  
                {  
                getMSINFO #function & job  
                    wh "...`n"  
                PrinterCheck #function  
                    wh "...`n"  
                getProcesses #function  
                    wh "...`n"  
                getApps #function - make job - takes a min  
                    wh "...`n"  
                SetupLogs #function  
                    wh "...`n"       
                sysProductCheck #function  
                    wh "...`n"                 
                reservedCheck #function  
                    wh "...`n"  
                fltmcCheck #function  
                    wh "...`n"  
                getDXDiag #function  
                    wh "...`n"  
                regLang #function  
                    wh "...`n"  
                autoRotate #function  
                getMISCLogs #function  
                    wh "...`n"  
                getDrivers #function  
                    wh "...`n"   
                getAV #function  
                    wh "...`n"            
                 }  
            
      
    #### RECEIVING JOBS SECTION ###...   
      
            #EventSearchJob  
            if($Global:EventsCollect -eq $True)  
            {          
                wh "`nWaiting for EventSearchJob to complete...`n"  
      
                Receive-Job -Name EventSearchJob -OutVariable eventSearch -Wait   
                $search = $eventSearch.Line  
            }  
      
      
            if($Global:SetupDiagCollect -eq $True)  
            {  
                #SetupDiagJob - Receive-Job  
                $stamp = (Get-Date -format "hh:mm tt")  
                wh "`nWaiting for SetupDiagJob to complete..."  
                wh "`nTime Stamp: $stamp"  
                wh "`nThis can take up to 10 minutes ..."  
      
                Do{  
                  SLEEP 15  
                    wh "."  
                    if((Get-Job -name SetupDiagJob).State -eq "Completed")  
                        { Receive-Job -Name SetupDiagJob  
                               wh "`nSetupDiag Completed!"                         
                            Break                      }  
                                    }Until($Cancel.SetupDiag -eq $True)  
                wh `n  
                                                   
                #Receive file and copy  
                Receive-Job -Name SetupDiagJob -Wait   
                Copy-Item $tempDir\Logs*.zip $tempDir\LOGS\SetupDiag-Log.zip  
                Copy-Item $tempDir\setupdiag*.log $tempDir\LOGS\  
                Remove-Item $tempDir\Logs*.zip  
            }  
      
           
            if($Global:UpdatesCollect -eq $True)  
            {  
                #GetUpdates Job via:  
                #UpdateHelper <--- GetUpdates Job has to finish first!  
                #Checking Status of GetUpdates Job...  
                wh "Checking Status of GetUpdates Job...`n"  
                If ((Get-Job -Name GetUpdates).State -eq "Failed")  
                    { wh "`nGetUpdates Job Failed!`n" }  
                        Else{  
                                Receive-Job -Name GetUpdates -wait  
                                Move $env:USERPROFILE\Desktop\WindowsUpdate.log $TempDir\LOGS\Windows-Update.log -Force  
                                wh "`n Writing Update Helper Info to UPDATE-ERRORS.TXT ... `n"  
                                UpdateHelper #run the update helper function  
                            }               
            } #End getting GetUpdates-job       
      
            #Finishing EventSearch  
            if($Global:EventsCollect -eq $True)  
                {  
                    writeSearch #function  
                }  
      
    #Wait on MSINFO...  
    if($Global:miscCollect -eq $True)  
    {  
        wh "`n Waiting for MSINFO32 to Complete ...`n"  
        do{ start-sleep 1 }  
        Until((get-process | select-string -Pattern "msinfo").Pattern -cne "msinfo")  
            werHint #function  
    }  
      
      
    if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support Transcript  
        {  
      
    Stop-Transcript   
      
            do{  
        start-sleep 1  
        }  
        Until((get-item $tempDir\LOGS\Event-Search.TXT).Length -cne 0)  
          
        }  
      
    wh "`nLog Collection Completed! `nLogs are available in %temp%\LOGS\`n"    
    wh "`nHit Any Key or Close ...`n"  
      
    Start-Sleep 1  
      
    Start Explorer.exe $explore  
      
    PAUSE  
      
    ## LOGS.PS1 1.6.3  ##     
    ## JOHNEM 8-2019 ##   
    ## EOF ##



    e) view post #22 > run through each step to complete all steps that were not yet performed


    2) Run the Dell support assistant to update all drivers

    3) Overnight run the custom Dell diagnostics:
    https://www.dell.com/support/home/us...-580s/diagnose

    Code:
    Performance
    Bluescreen analyzer
    Hard drive
    Hard drive stress
    Memory
    Memory stress
    Motherboard
    Processor
    Processor stress
    System stress
    Code:
    Video capture
    Video card
    Video card stress

    4) In the AM complete the custom disgnostic tests that are interactive

    5) Post images of all tests performed and results into the thread


    6) It is unclear as to why there is difficulty completing Supraantispyware or ESET.
      My Computer


  5. Posts : 79
    win10 home 1903
    Thread Starter
       #35

    Cannot download Kaspersky. All I get is a white box.
    I did a powershell and pasted d). I'll paste it below Malware
    Popup: Sea Tools for Windows (Not Responding) "USB: Scanning for supported drives. Please wait"

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/1/20
    Scan Time: 12:51 PM
    Log File: 03ec59e0-7439-11ea-9457-782bcb807821.json

    -Software Information-
    Version: 4.1.0.56
    Components Version: 1.0.859
    Update Package Version: 1.0.21746
    License: Trial

    -System Information-
    OS: Windows 10 (Build 18362.720)
    CPU: x64
    File System: NTFS
    User: Calamity\rfochtmann

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 465949
    Threats Detected: 2
    Threats Quarantined: 2
    Time Elapsed: 13 min, 16 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 1
    PUP.Optional.AuslogicsBoostSpeed, HKLM\SOFTWARE\WOW6432NODE\AUSLOGICS\BoostSpeed, Quarantined, 2848, 341837, 1.0.21746, , ame,

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Generic.Malware/Suspicious, C:\USERS\RFOCHTMANN\DOWNLOADS\PASSWORDFOX-X64.ZIP, Quarantined, 0, 392686, 1.0.21746, , shuriken,

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

    Windows PowerShell
    Copyright (C) Microsoft Corporation. All rights reserved.

    Try the new cross-platform PowerShell Installing PowerShell - PowerShell | Microsoft Docs

    PS C:\Users\TEMP.Calamity> ##Example usage wh "Alias for `n Write-Host"
    >>
    >> } ## End function wh
    >>
    >>
    >> function StartScript
    >> {
    >> ##Locating Temp Dir and writing Transcript
    >> $global:tempDir = [System.IO.Path]::GetTempPath()
    >> MD $tempDir\LOGS -EA SilentlyContinue
    >> CD $tempDir\LOGS
    >> $txtCount = Get-Item $tempDir/LOGS/*.TXT -EA SilentlyContinue
    >> if((Get-Host).Version.Major -cge 5) ##WIN7 Not Supported
    >> {
    >> if($txtCount.Count -cge 1)
    >> {Start-Transcript -Append -Path $tempDir/LOGS/Event-Search.TXT}
    >> Else{Start-Transcript -Path $tempDir\LOGS\Event-Search.TXT}
    >> }
    >>
    >> $global:explore = $tempDir + "LOGS"
    >> $global:Ver = "1.6.3"
    >> wh "`nLog Collection... (V$Ver)`n"
    >>
    >> #clearing previous actions
    >> Stop-Job *
    >>
    >> #Initialize CheckBox Vars to $True/$False
    >> $Global:EventsCollect = $true; $Global:SetupDiagCollect = $true
    >> $Global:UpdatesCollect = $true; $Global:WLANCollect = $true
    >> $Global:PowerCollect = $true; $Global:GPCollect = $true
    >> $Global:miscCollect = $true; $Global:bingCollect = $true
    >> $Global:eventOut = $false
    >> #Clear Jobs
    >> Stop-Job *
    >> Remove-Job *
    >>
    >> } ## End function Start-Script
    >>
    >>
    >> function SetupDiagFunc
    >> {
    >> wh "`n Grabbing SetupDiag.exe ..."
    >> Invoke-WebRequest https://go.microsoft.com/fwlink/?linkid=870142 -OutFile $tempDir\SetupDiag.exe -TimeoutSec 3 -UseBasicParsing
    >> #check for successful download
    >> if((Get-Item $tempDir\SetupDiag.exe).length -gt 100000)
    >> {
    >> wh "`nSuccessful DL!"
    >> wh "`n Invoking SetupDiag.exe ..."
    >> $SetupDiag = {CMD.EXE /C "%temp%\setupdiag.exe /Verbose /Output:%temp%\SetupDiag-Log.txt"}
    >>
    >> ## Kick-Off SetupDiagJob
    >> Start-Job -Name SetupDiagJob -ScriptBlock $SetupDiag
    >>
    >> }Else{Write-Host "`nDownload of SetupDiag.exe Failed!" -BackgroundColor RED }
    >>
    >> } ## End Function SetupDiagFunc
    >>
    >>
    >> function EventSearch
    >> {
    >> wh "`n Starting EventSearch Job-Function ...`n"
    >> ## Gathering Events from System using Get-WinEvent via Job
    >> $EventSearchJob =
    >> {
    >> $evtPaths = Get-Item C:\Windows\System32\Winevt\Logs\*.evtx -Exclude "*PowerShell*",
    >> "*known folders*" | Select-Object FullName
    >> $i = $evtPaths.Count
    >>
    >> $x = 0 ##For 1st Loop do Until x = i
    >> $events = @()
    >> $gatherEvents = @()
    >> $eventsArray = @()
    >> $searchResult = @()
    >> $MaxEvents = 99
    >>
    >> #Loading/Gathering Events Loop...
    >> do {
    >>
    >> ##Getting Events w/ Get-WinEvent
    >> $gatherEvents = Get-WinEvent -Path $evtPaths[$x].FullName -MaxEvents $MaxEvents -EA SilentlyContinue
    >> $events = $events + $gatherEvents
    >>
    >> $x++
    >>
    >> }
    >> Until ($x -eq $i)
    >>
    >> $x = $x +1 ##Total Events Found!
    >>
    >> $eventsLength = $events.Length ##Total events catalogged!
    >>
    >> $xx = 0
    >>
    >> # Write Event Properties to a row and roll it out - Collapsing Array ...
    >> do {
    >> $date = $events[$xx].TimeCreated | Get-Date -Format "yyyyMMdd".ToString() -EA SilentlyContinue ##EA SC for Blank Entries
    >>
    >> $eventRow = new-object PSObject -Property @{
    >> Date = $date;
    >> Id = $events[$xx].Id;
    >> Level = $events[$xx].LevelDisplayName;
    >> Provider = $events[$xx].ProviderName;
    >> Message = $events[$xx].Message;
    >> }
    >>
    >> $cRow = $date + " " + "ID:" + $events[$xx].Id + " " + "Level:" + $events[$xx].LevelDisplayName + " " + "Provider:" + $events[$xx].ProviderName + " " + "Message:" + $events[$xx].Message
    >> $eventsArray += $cRow
    >>
    >> $xx++
    >> $d++
    >> }
    >> Until ($xx -eq $events.Length)
    >>
    >> ##Looking for patterns error or fail in $eventsArray
    >> $search = $eventsArray | Select-String -pattern ("error|fail")
    >>
    >> Return $search ## | Write-Output ##Output for job
    >>
    >> } ## End $EventSearchJob
    >>
    >> Start-Job -Name EventSearchJob -ScriptBlock $EventSearchJob
    >>
    >> } ## End function Event-Search
    >>
    >>
    >> function writeSearch ##
    >> {
    >> ##Event Logs Cont.
    >> MD $tempDir\LOGS\EVTX\ -EA SilentlyContinue
    >>
    >> ##output to file
    >> $search | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name -Wrap > TOP-ERRORS.TXT
    >> $search > $tempDir\LOGS\SEARCH.TXT
    >>
    >> if($Global:eventOut -eq $True)
    >> {
    >> $search | Group-Object | Sort-Object Count -Descending |
    >> Select-Object -Property Count, Name | Out-GridView -Title "Top `"Errors`" via EVTX - V-$Ver"
    >> }
    >>
    >> wh "`n Collecting Matching EVTX Entries ...`n"
    >> #Collecting all prev matching EVTX
    >> #$evtx = Get-ChildItem C:\Windows\System32\Winevt\Logs\*.evtx
    >> $evv = 0
    >>
    >> $providerName =
    >> (($search | Select-String "Provider:.*Message:").Matches.Value -Replace
    >> " Message:", "" -Replace "Provider:", "" | Group-Object ).Name
    >>
    >> #Converting Provider Name to Log Name
    >> $providerName = (($providerName | ForEach-Object {Get-WinEvent -ProviderName $_ -MaxEvents 1 -EA SilentlyContinue}).LogName | Group-Object).Name
    >> $providerName = $providerName -replace "Microsoft.", ""
    >> $providerName = $providerName -replace "Windows.", ""
    >> $providerName = $providerName -replace "`/.*$", ""
    >>
    >>
    >> $evtx = $providerName | foreach{Get-ChildItem "C:\Windows\System32\winevt\logs\*$_*"}
    >>
    >> Do{
    >> COPY $evtx[$evv].PSPath $tempDir\LOGS\EVTX\
    >> $evv++
    >> }
    >> Until($evv -eq $evtx.Count)
    >>
    >> } #End function writeSearch
    >>
    >>
    >> function GetUpdates
    >> {
    >> wh "`n Starting Get-WindowsUpdateLog Job-Function ...`n"
    >> $updateJob = {get-WindowsUpdateLog}
    >>
    >> if((Get-Host).Version.Major -cge 5) ##Modern Gatherer
    >> {
    >> Start-Job -Name GetUpdates -ScriptBlock $updateJob
    >> }
    >>
    >> ##Legacy Gatherer
    >> CP C:\Windows\WindowsUpdate.log $tempDir\LOGS\WindowsUpdate.log
    >>
    >> ##Installed-Updates/Packages
    >> Get-WmiObject win32_quickfixengineering > $tempDir\LOGS\Installed_Updates.TXT
    >> Get-WmiObject Win32_OperatingSystemQFE >> $tempDir\LOGS\Installed_Updates.TXT
    >> DISM /Online /Get-Packages /Format:Table >> $tempDir\LOGS\Installed_Updates.TXT
    >>
    >> } ## End function Get-Updates
    >>
    >>
    >> function PrinterCheck
    >> {
    >> wh "`n Getting Printer Information ..."
    >> get-printer | ft Name, ComputerName, Type, DriverName, PortName, Datatype, Location, DriverName > $tempDir\LOGS\Printers.TXT
    >> get-printerDriver | fl >> $tempDir\LOGS\Printers.TXT
    >> Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append
    >> Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append
    >> Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" | Out-File $tempDir\LOGS\Printers.TXT -Append
    >> write-output "## CBS ntprint CHECK ##" >> $tempDir\LOGS\Printers.TXT
    >> $cbsCheck = (Get-ChildItem C:\Windows\Logs\CBS\*cbs* -Recurse | select-string -Pattern "E_INVALIDARG in eventsXml.*Microsoft-Windows-PrintService")
    >> if($cbsCheck.Count -eq 0){Write-Output "## NO MATCHES IN CBS ##" >> $tempDir\LOGS\Printers.TXT} Else{$cbsCheck | Group-Object >> $tempDir\LOGS\Printers.TXT}
    >> write-output "## ntprint.dll CHECK ##" >> $tempDir\LOGS\Printers.TXT
    >> (Get-ChildItem C:\Windows\System32\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT
    >> (Get-ChildItem C:\Windows\SysWOW64\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT
    >>
    >> } ## End function PrinterCheck
    >>
    >>
    >> function UpdateHelper
    >> {
    >> if((Get-Host).Version.Major -cge 5)
    >> {
    >> $winupdatelog = get-item $tempDir\LOGS\windows-update.log ##WIN-10 File
    >> MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue | Out-Null
    >> CP C:\Windows\Logs\WindowsUpdate\*.etl $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue
    >> }
    >> Else{$winupdatelog = get-item $tempDir\LOGS\windowsupdate.log} ##LEGACY File
    >>
    >> $updateError = ($winupdatelog | select-string -pattern "error.*0x........");
    >> $updateErrorSplit = $updateError -Split " "
    >> $updateErrorCount = (($updateErrorSplit | select-string -pattern "0x........") -Replace "[(),'`.:]", "" -Replace "hr=", "");
    >>
    >> $updateErrorCount | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT -Width 999
    >> $updateError >> UPDATE-ERRORS.TXT
    >> if($updateError.length -eq 0){"No `"error.*0x........`" patterns Found in Windows-Update.log" | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT}
    >>
    >> ($winupdatelog | Select-String "KB\d\d\d\d\d\d\d" | Select-string "fail") | Out-file $tempDir\LOGS\UPDATE-ERRORS.TXT -Append -width 999
    >>
    >> } ## End function UpdateHelper
    >>
    >>
    >> function getProcesses
    >> {
    >> wh "`nGetting Active Process ...`n"
    >> Get-Process > $tempDir\LOGS\Running-Processes.TXT
    >> CMD.EXE /C "tasklist /svc" | Out-File -Append $tempDir\LOGS\Running-Processes.TXT
    >>
    >> } ## End function getProcesses
    >>
    >>
    >> function GetApps
    >> {
    >> wh "`n Getting List of Installed Apps...`n"
    >> Get-WmiObject -Class Win32_Product | Format-Table -Property Name, Version, Vendor > $tempDir\LOGS\Installed-Apps.TXT
    >> Get-AppxPackage | ft Name, Version, InstallLocation, IspArtiallyStaged, SignatureKind, Status >> $tempDir\LOGS\Installed-Apps.TXT
    >>
    >> } ## End function GetApps
    >>
    >>
    >> function SetupLogs
    >> {
    >> wh "`nGetting Windows Setup Logs Independent of SetupDiage.exe...`n"
    >> MD $tempDir\LOGS\SETUP\ -EA SilentlyContinue
    >> dir C:\ > $tempDir\LOGS\Dir_Structure.txt
    >>
    >> ## Main Setup Collection
    >> if($env:SystemDrive -eq 'C:') ##Verify SystemDrive
    >> {
    >> $SetupPaths = @()
    >>
    >> $locations = @(
    >> 'C:\GetCurrent',
    >> 'C:\$Reset',
    >> 'C:\$SysReset',
    >> 'C:\$Windows.~BT',
    >> 'C:\$Windows.~WS',
    >> 'C:\Windows\Logs\',
    >> 'C:\Windows\Panther\',
    >> 'C:\Windows\inf\',
    >> 'C:\Windows\System32\LogFiles\',
    >> 'C:\Windows\System32\SysPrep\',
    >> 'C:\Windows10Upgrade',
    >> 'C:\Windows.old\Windows\Panther')
    >>
    >> for($i = 0; $locations.count -gt $i; $i++)
    >> {
    >> if((get-item $locations[$i] -Force -EA SilentlyContinue).length -gt 0) ##Null Path Check -Force for Hidden
    >> {
    >> CD $locations[$i]
    >> ##Search includes setuperr/setupact only
    >> $SetupPaths += Get-ChildItem * -Force -Recurse -Include setuperr.log, setupact.log, miglog.xml, *APPRAISER_Humanreadable.xml -EA SilentlyContinue
    >> }
    >> }
    >>
    >> $cleanPaths = @()
    >>
    >> for($i = 0; $SetupPaths.count -gt $i; $i++)
    >> {
    >> $cleanPaths += $SetupPaths[$i].PSParentPath.ToString() -replace "Microsoft\.PowerShell\.Core\\FileSystem\:\:C\:", ""
    >> }
    >>
    >> CD $tempDir\LOGS\SETUP\
    >> MD $cleanPaths -Force
    >> CD $tempDir\LOGS\
    >>
    >> for($i = 0; $SetupPaths.count -gt $i; $i++)
    >> {
    >> $destPath = "$tempDir\LOGS\SETUP" + $cleanPaths[$i]
    >> $copyPathLog = ($SetupPaths[$i].ToString())
    >>
    >> Copy $copyPathLog -Destination $destPath
    >> }
    >>
    >> }Else{Write-Host "`nSystem Drive is not C:... Setup Collection Aborted!`n"}
    >> ## End Main Setup Collection
    >>
    >>
    >> ## Setup Reg Output
    >> Get-ChildItem HKLM:\SYSTEM\SETUP\ | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT
    >> Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\Me* -recurse -EA SilentlyContinue | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append
    >> Get-Childitem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append
    >>
    >> ## SetupAct String Search
    >>
    >>
    >>
    >> $setupRegx = @("MOUPG SetupHost..Initialize:",
    >> "============================",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG SetupHost..Initialize. CmdLine"),
    >> "",
    >> "MOUPG Setup build & Host OS Build:",
    >> "==================================",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG SetupHost..Setup build"),
    >> "...",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG Host OS"),
    >> "",
    >> "Watson Parameters (4&5):",
    >> "=======================",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Watson Bucketing Parameters\[[4-5]\]" ),
    >> "",
    >> "\[0x........\]Error:",
    >> "==================",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "\[0x........\]\[0x.....\]"),
    >> "",
    >> "`"FATAL`":",
    >> "======",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "FATAL" | Select-String -NotMatch "FatalExecutionEngineError" | Select-String -NotMatch "non-fatal"),
    >> "",
    >> "`"Error `":",
    >> "===========",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Error "),
    >> "",
    >> "MIGRATE.*DATA:",
    >> "==============",
    >> "",
    >> (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MIGRATE.*DATA"),
    >> ""
    >> )
    >> $q=0
    >> Do {$setupRegx[$q] | Out-File $tempDir\LOGS\SETUP\SetupAct-Regex.TXT -Append -Width 999 ##spool out results
    >> $q++
    >> }Until($q -eq $setupRegx.Count)
    >>
    >> } ## End function SetupLogs
    >>
    >>
    >> function powerCFGInfo
    >> {
    >> MD $tempDir\LOGS\POWER\ -EA SilentlyContinue | Out-Null
    >> wh "`n Grabbing PowerCFG, Sleep & Battery Info ...`n"
    >>
    >> ("`n" + "Available Sleep States (/A): `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> powercfg /a | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >> ("`n" + "-DeviceQuery Wake_Armed: `r" + "`n" +"========================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> powercfg -devicequery wake_armed | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >> ("`n" + "Last Wake (-lastwake): `r" + "`n" +"=====================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> powercfg -lastwake | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >> ("`n" + "-Requests: `r" + "`n" +"==========`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> powercfg -requests | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >> $powerList = powercfg -list
    >> $powerList | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> $powerActive = $powerList | select-string "\*" | powercfg /QH "$_"
    >> ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >> ("`n" + "Active Power Scheme Details: `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >> $powerActive | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt
    >>
    >>
    >> if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support powercfg /battery /sleepstudy
    >> {
    >> $ifbattery = Get-WmiObject win32_battery
    >> if ( $ifbattery.__SERVER.count -cge 1 ) { CMD.EXE /C "powercfg /batteryreport /output %temp%\LOGS\POWER\battery-report.html" }
    >> CMD.EXE /C "powercfg /sleepstudy /output %temp%\LOGS\POWER\sleepstudy-report.html"
    >> }
    >> CMD.EXE /C "powercfg /ENERGY /duration 10 /output %temp%\LOGS\POWER\energy-report.html"
    >>
    >> } ## End function powerCFGInfo
    >>
    >>
    >> function sysProductCheck
    >> {
    >> wh "`n Getting SystemProductName ...`n"
    >> ##SystemInformation Reg
    >> reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\ /v SystemProductName > $tempDir\LOGS\REG_SystemProductName.TXT
    >> Get-WmiObject Win32_ComputerSystem > $tempDir\LOGS\WMI_Object_System.TXT
    >> Get-WmiObject Win32_ComputerSystemProduct >> $tempDir\LOGS\WMI_Object_System.TXT
    >>
    >> } ## End functions sysProductCheck
    >>
    >>
    >> function showWLAN
    >> {
    >> wh "Generating NETSH WLAN Report...`n"
    >>
    >> $showWLANjob = {
    >> CMD.EXE /c "netsh wlan show networks mode=ssid > %temp%\LOGS\Network\wlan.txt"
    >> CMD.EXE /c "netsh wlan show networks mode=bssid >> %temp%\LOGS\Network\wlan.txt"
    >> CMD.EXE /c "netsh winhttp show proxy > %temp%\LOGS\Network\proxy.txt"
    >> CMD.EXE /c "netsh wlan show wlanreport & COPY C:\ProgramData\Microsoft\Windows\wlanReport\wlan-report-latest.html %temp%\LOGS\Network\wlan-report-latest.html"
    >> ##WIN7 Does not Support netsh wlanreport
    >> }
    >>
    >> Start-Job -Name showWLAN -ScriptBlock $showWLANjob
    >>
    >> } ## End function sysProductCheck
    >>
    >>
    >> function getGPRESULT
    >> {
    >> wh "`nGetting GPRESULT...`n"
    >> CMD.EXE /C "GPRESULT /V > %temp%\LOGS\GPRESULT.TXT"
    >>
    >> } ## End function getGPRESULT
    >>
    >>
    >> function reservedCheck
    >> {
    >>
    >> $reservedJob =
    >> {
    >> $vol = (mountvol /L | select-string -Pattern "")
    >> $volstring = "mountvol y:" + $vol[0]
    >> CMD.EXE /C $volstring
    >>
    >> SLEEP 2
    >>
    >> CMD.EXE /C "CHKDSK y: > %temp%\LOGS\SystemReserved.TXT"
    >>
    >> SLEEP 2 # Pause after drive dismount
    >>
    >> CMD.EXE /C "mountvol y: /D"
    >> }
    >>
    >> Start-Job -Name reservedJob -ScriptBlock $reservedJob
    >>
    >> } ## End function reservedCheck
    >>
    >>
    >> function fltmcCheck
    >> {
    >> wh "`n Getting fltmc Filters ...`n"
    >> CMD.EXE /c "fltmc filters > %temp%\LOGS\fltmc_filters.TXT"
    >>
    >> } ## End function fltmcCheck
    >>
    >>
    >> function getDXDiag
    >> {
    >> wh "`n Grabbing DXDiag Info...`n"
    >> C:\Windows\System32\dxdiag /x $explore\DxDiag
    >>
    >> } ## End function getDXDiag
    >>
    >>
    >> function getMSINFO
    >> {
    >> wh "`n Gathering MSINFO32 ...`n"
    >> ## check if msinfo is already gathering - if so stop
    >> If((get-process | select-string -Pattern "msinfo").Pattern -eq "msinfo")
    >> {Stop-Process -ProcessName msinfo32}
    >>
    >> C:\Windows\System32\msinfo32.exe /nfo $tempDir/LOGS/MSINFO32.NFO
    >>
    >> } ## End function getMSINFO
    >>
    >>
    >> function getAV
    >> {
    >> if((Get-Host).Version.Major -cge 5) ##Modern OS Only
    >> {
    >> wh "`n Grab root\SecurityCenter2 AntivirusProduct ...`n"
    >> $avPath = (Get-WmiObject -Namespace root\SecurityCenter2 -Class AntivirusProduct) | % {$_.pathtoSignedProductEXE}
    >> "AV Info" + "`n========" | Out-File $tempDir/LOGS/SecurityProductInformation.TXT
    >> $avPath | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append
    >> if($avPath[0] -match "exe")
    >> {
    >> $path = (Get-Item $avPath[0]).PSParentPath
    >> Get-Item $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append
    >> Get-Content $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append
    >> }
    >> Get-ChildItem "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -recurse -EA SilentlyContinue | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append
    >> }
    >> } ## End function getAV
    >>
    >>
    >> function getDrivers
    >> {
    >> wh "`n Grabbing Driver listing via DISM.EXE ...`n"
    >> $drivers = cmd.exe /C "dism /online /get-drivers /format:table"
    >> $drivers += cmd.exe /C "dism /online /get-drivers /all /format:table"
    >> $drivers | Out-File $tempDir/LOGS/DISM-Get-Drivers.TXT
    >> wh "`n Done!`n"
    >> } ## End Function getDrivers
    >>
    >>
    >> function getMISCLogs
    >> {
    >> wh "`nCopying misc. logs ...`n"
    >> MD $tempDir\LOGS\WER\ -EA SilentlyContinue
    >> MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue
    >> CP "C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\*" $tempDir\LOGS\WER\ -Recurse -EA SilentlyContinue
    >> CP "C:\Windows\Logs\CBS\*cbs*" $tempDir\LOGS\Windows\Logs\
    >> CP "C:\Windows\Logs\DISM\*dism*" $TempDir\LOGS\Windows\Logs\
    >> CP "C:\Windows\Logs\WindowsUpdate\*" $TempDir\LOGS\Windows\Logs\WindowsUpdate\
    >>
    >>
    >> #DMP Collect
    >> $dmp = @()
    >> $dmp += Get-ChildItem C:\Windows\*.dmp
    >> $dmp += (Get-ChildItem C:\Windows\LiveKernelReports\*.dmp -Recurse -EA SilentlyContinue)
    >> $dmp += (Get-ChildItem C:\Windows\Minidump\*.dmp -Recurse -EA SilentlyContinue)
    >> #Validate empty array
    >> if($dmp.length -ne 0)
    >> {
    >> $dd=0
    >> Do{
    >> If($dmp[$dd].length -lt 2000000)
    >> { $destPath = $dmp[$dd].PSParentPath.Replace('C:\', '').Replace('Microsoft.PowerShell.Core\FileSystem::', '')
    >> MD $destPath -EA SilentlyContinue
    >> COPY -Path $dmp[$dd].PSPath -Destination $destPath }
    >> $dd++
    >> }
    >> Until($dd -eq $dmp.Count)
    >> }
    >>
    >> #disk info
    >> "`nGet-Disk:`n=========" > $tempDir\LOGS\Disk-Info.TXT
    >> Get-Disk |fl >> $tempDir\LOGS\Disk-Info.TXT
    >> "`nGet-Partition:`n==============" >> $tempDir\LOGS\Disk-Info.TXT
    >> Get-Partition >> $tempDir\LOGS\Disk-Info.TXT
    >> Manage-bde -protectors -get C: >> $tempDir\LOGS\Disk-Info.TXT
    >> "`nIO Fail Search:`n===============`n" >> $tempDir\LOGS\Disk-Info.TXT
    >> $search | Select-String ".*io.fail.*" | Select-String -NotMatch '0, 0, 0, 0' >> $tempDir\LOGS\Disk-Info.TXT
    >>
    >> } ## End function getMISCLogs
    >>
    >>
    >> function bingCollect
    >> {
    >> ##O365 Firewall Check & Bing.com diagnostics.asp
    >> ##URIs based on Article:
    >> ##Office 365 URLs and IP address ranges | Microsoft Docs
    >>
    >> MD $TempDir\LOGS\Network\ -EA SilentlyContinue
    >>
    >> wh "Performing Bing & O365 URI Check ... `n"
    >>
    >>
    >> $bingCheck = (Invoke-WebRequest -Uri https://www.bing.com/fdv2/diagnostics.aspx -UseBasicParsing)
    >> $bingCheck | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT
    >>
    >> $URIs = @('api.login.microsoftonline.com', #0 Standard Reply = 403
    >> 'api.passwordreset.microsoftonline.com', #1 Standard Reply = 200
    >> 'becws.microsoftonline.com', #2 Standard Reply = 403
    >> 'clientconfig.microsoftonline-p.net', #3 Standard Reply = 404
    >> 'companymanager.microsoftonline.com', #4 Standard Reply = 403
    >> 'device.login.microsoftonline.com', #5 Standard Reply = 200
    >> 'graph.microsoft.com', #6 Standard Reply = 404
    >> 'hip.microsoftonline-p.net', #7 Standard Reply = 404
    >> 'hipservice.microsoftonline.com', #8 Standard Reply = 404
    >> 'login.microsoft.com', #9 Standard Reply = 200
    >> 'login.microsoftonline.com', #10 Standard Reply = 200
    >> 'logincert.microsoftonline.com', #11 Standard Reply = 200
    >> 'loginex.microsoftonline.com', #12 Standard Reply = 200
    >> 'login-us.microsoftonline.com', #13 Standard Reply = 200
    >> 'login.microsoftonline-p.com', #14 Standard Reply = 200
    >> 'login.windows.net', #15 Standard Reply = 200
    >> 'nexus.microsoftonline-p.com', #16 Standard Reply = 403
    >> 'passwordreset.microsoftonline.com', #17 Standard Reply = 200
    >> 'provisioningapi.microsoftonline.com', #18 Standard Reply = 403
    >> 'stamp2.login.microsoftonline.com', #19 Standard Reply = 200
    >> 'ccs.login.microsoftonline.com', #20 Standard Reply = 401
    >> 'ccs-sdf.login.microsoftonline.com', #21 Standard Reply = 401
    >> 'accounts.accesscontrol.windows.net', #22 Standard Reply = 200
    >> 'secure.aadcdn.microsoftonline-p.com', #23 Standard Reply = 400
    >> 'windows.net', #24 Standard Reply = 200
    >> 'phonefactor.net', #25 Standard Reply = 200
    >> 'account.activedirectory.windowsazure.com', #26 Standard Reply = 404
    >> 'secure.aadcdn.microsoftonline-p.com', #27 Standard Reply = 400
    >> 'login.windows.net', #28 Standard Reply = 200
    >> 'provisioningapi.microsoftonline.com', #29 Standard Reply = 403
    >> 'mscrl.microsoft.com', #30 Standard Reply = 400
    >> 'secure.aadcdn.microsoftonline-p.com', #31 Standard Reply = 400
    >> 'windowsupdate.microsoft.com', #32 Standard Reply = 200
    >> 'update.microsoft.com', #33 Standard Reply = 200
    >> 'au.download.windowsupdate.com', #34 Standard Reply = 200
    >> 'download.windowsupdate.com', #35 Standard Reply = 200
    >> 'download.microsoft.com', #36 Standard Reply = 200
    >> 'tlu.dl.delivery.mp.microsoft.com'); #37 Standard Reply = 403
    >>
    >>
    >> $count = 0;
    >> $queryResult [email protected]{};
    >>
    >> Write-Host "Checking URIs .." -NoNewline
    >>
    >> Do {
    >> Try{
    >> $queryResult[$count] = (Invoke-WebRequest -Uri ("http:`/`/" + $URIs[$count]) -Method Head -UseBasicParsing -TimeoutSec 2).RawContent
    >> }Catch{ $catch = $_ }
    >>
    >> if($queryResult[$count].Count -eq 0)
    >> {$queryResult[$count] = ($catch[$catch.count -1].ToString()).Replace("`n", " ")}
    >> Write-Host "." -NoNewline
    >> $count++
    >> }Until ($count -eq ($URIs.Count));
    >> Write-Host "."
    >>
    >> Get-Date | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append
    >> $queryResult | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append
    >>
    >> Write-Host " Bing Check", `n, "==========" | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append
    >>
    >> wh "`n`n`n`URL Check Finished...`n"
    >> }
    >>
    >>
    >> function smbConfig
    >> {
    >>
    >> $CMDs =
    >> { cmd.exe /c "net config server"
    >> cmd.exe /c "net config workstation"
    >> Get-SmbClientNetworkInterface
    >> Get-SmbServerConfiguration
    >> Get-SmbClientConfiguration
    >> Get-ChildItem "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer"
    >> Get-NetAdapterAdvancedProperty | ft }
    >>
    >> ForEach-Object{Invoke-Command $CMDs | Out-File $TempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}
    >>
    >> $share = Get-SmbShare
    >>
    >> ForEach-Object{Get-SmbShareAccess $share.Name | ft | Out-File $tempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}
    >>
    >> } ## End Function smbConfig
    >>
    >>
    >> function regLang
    >> {
    >> DISM.EXE /Online /Get-Intl | Out-File $tempDir\LOGS\Reg-Lang.TXT
    >> "`n","Get-WinUserLanguageList","=======================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append
    >> Get-WinUserLanguageList | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append
    >> "`n","Get-WinLanguageBarOption","========================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append
    >> Get-WinLanguageBarOption | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append
    >> }
    >>
    >>
    >> function autoRotate
    >> {
    >> Get-ChildItem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Auto* | Out-File $tempDir\LOGS\AutoRotate.TXT
    >> }
    >>
    >>
    >> function checkBoxes
    >> {
    >> Add-Type -AssemblyName System.Windows.Forms
    >> Add-Type -AssemblyName System.Drawing
    >>
    >> $Global:form = New-Object System.Windows.Forms.Form
    >> $Global:form.Text = "LOGS-V$ver"
    >> $Global:form.Size = New-Object System.Drawing.Size(300,400)
    >> $Global:form.StartPosition = 'CenterScreen'
    >>
    >> $OKButton = New-Object System.Windows.Forms.Button
    >> $OKButton.Location = New-Object System.Drawing.Point(100,300)
    >> $OKButton.Size = New-Object System.Drawing.Size(75,23)
    >> $OKButton.Text = 'OK'
    >> $OKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
    >> $Global:form.AcceptButton = $OKButton
    >> $Global:form.Controls.Add($OKButton)
    >>
    >> $Global:form.ControlBox = $false
    >>
    >> $Global:boxNum = 1
    >> $Global:checkBox = @{} #hash for $checkBox
    >> $tag = @{} #hash for $label
    >> $Global:Box = @{}
    >>
    >> function createCheckBox
    >> {
    >> Param ( [parameter (Mandatory = $true)][string]$name,
    >> [parameter (Mandatory = $true)][string]$label )
    >>
    >> $drawingPoint = (50 + ($boxNum *25))
    >>
    >> $Global:checkBox[$boxNum] = New-Object System.Windows.Forms.CheckBox
    >> $Global:checkBox[$boxNum].Location = New-Object System.Drawing.Point(10,$drawingPoint)
    >> $Global:checkBox[$boxNum].Size = New-Object System.Drawing.Size(15,15)
    >> $Global:checkBox[$boxNum].Text = ''
    >> $Global:checkBox[$boxNum].Checked = $true
    >> $Global:form.Controls.Add($checkBox[$boxNum])
    >> #SetupDiag Label
    >> $tag[$boxNum] = New-Object System.Windows.Forms.Label
    >> $tag[$boxNum].Location = New-Object System.Drawing.Point(40,$drawingPoint)
    >> $tag[$boxNum].Size = New-Object System.Drawing.Size(280,20)
    >> $tag[$boxNum].Text = "$label"
    >> $Global:form.Controls.Add($tag[$boxNum])
    >>
    >> $Global:boxNum ++
    >>
    >> } #End nested function createCheckBox
    >>
    >> createCheckBox -name "EV" -label "EventSearch EventLog Helper" #1
    >> createCheckBox -name "SD" -label "SetupDiag.EXE Setup Diagnostics" #2
    >> createCheckBox -name "WU" -label "Get-WindowsUpdateLog Collection" #3
    >> createCheckBox -name "IP" -label "Network Information" #4
    >> createCheckBox -name "PW" -label "POWERCFG. Sleep & Battery Info" #5
    >> createCheckBox -name "GP" -label "GPResult Info" #6
    >> createCheckBox -name "MS" -label "General Machine Info" #7
    >> createCheckBox -name "EO" -label "EventSearch Out-GridView" #8
    >>
    >> #Checkbox State Changes
    >> $Global:checkBox[1].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[1].checked -eq $True){ $Global:EventsCollect = $true ; Write-Host "." -nonewline} Else{ $Global:EventsCollect = $false }
    >>
    >> })
    >> $Global:checkBox[2].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[2].checked -eq $True){ $Global:SetupDiagCollect = $true ; Write-Host "." -nonewline} Else{ $Global:SetupDiagCollect = $false }
    >>
    >> })
    >> $Global:checkBox[3].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[3].checked -eq $True){ $Global:UpdatesCollect = $true ; Write-Host "." -nonewline} Else{ $Global:UpdatesCollect = $false }
    >>
    >> })
    >> $Global:checkBox[4].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[4].checked -eq $True){ $Global:WLANCollect = $true ; Write-Host "." -nonewline} Else{ $Global:WLANCollect = $false }
    >>
    >> })
    >>
    >> $Global:checkBox[5].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[5].checked -eq $True){ $Global:PowerCollect = $true ; Write-Host "." -nonewline} Else{ $Global:PowerCollect = $false }
    >>
    >> })
    >> $Global:checkBox[6].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[6].checked -eq $True){ $Global:GPCollect = $true ; Write-Host "." -nonewline} Else{ $Global:GPCollect = $false }
    >>
    >> })
    >> $Global:checkBox[7].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[7].checked -eq $True){ $Global:miscCollect = $true ; Write-Host "." -nonewline} Else{ $Global:miscCollect = $false }
    >>
    >> })
    >>
    >> $Global:checkBox[8].Add_CheckStateChanged(
    >> {
    >> if($Global:checkBox[8].checked -eq $True){ $Global:eventOut = $true ; $Global:checkBox[1].checked = $true; Write-Host "x" -nonewline} Else{ $Global:eventOut = $false }
    >>
    >> })
    >>
    >> $Global:checkBox[8].Checked = $false
    >> $mainText = New-Object System.Windows.Forms.Label
    >> $mainText.Location = New-Object System.Drawing.Point(62,30)
    >> $mainText.Size = New-Object System.Drawing.Size(260,20)
    >> $mainText.Text = 'Choose which logs to collect:'
    >> $Global:form.Controls.Add($mainText)
    >> $result = $Global:form.ShowDialog()
    >> SLEEP 1 #testing Topmost lag
    >> $Global:form.Topmost = $true
    >>
    >> #OK Button ...
    >> if ($result -eq [System.Windows.Forms.DialogResult]::OK)
    >> {
    >> $x = $textBox.Text
    >> $x
    >> }
    >>
    >> } #End function checkBoxes
    >>
    >>
    >> Function werHint
    >> {
    >> $WERs = Get-ChildItem $tempDir\LOGS\WER\*.wer -Recurse
    >>
    >> $WERArray = @()
    >>
    >> $Date = $WERs | Select-String -pattern "eventtime=" | % {$_ -Replace("C:.*EventTime=", "")}
    >> $eventType = $WERs | Select-String -pattern "EventType=" | % {$_ -Replace("C:.*EventType=", "")}
    >> $Sig0Nam = $WERs | Select-String -pattern "Sig\[0\].Name" | % {$_ -Replace("C:.*Sig\[0\].Name=", "")}
    >> $Sig0Val = $WERs | Select-String -pattern "Sig\[0\].Value" | % {$_ -Replace("C:.*Sig\[0\].Value=", "")}
    >> $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}
    >> $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}
    >> $Sig4 = $WERs | Select-String -pattern "Sig\[4\].Value" | % {$_ -Replace("C:.*Sig\[4\].Value=", "")}
    >>
    >> #ConvertDateTime
    >> $epoch = [datetime]"01/01/1601 00:00"
    >> $date = $date | foreach{$epoch.AddSeconds($_/10000000)}
    >> $convertedDate = foreach($Date in $Date) {Get-Date $Date -Format G}
    >>
    >> $WERarray = 0..($convertedDate.Length -1) | Select-Object @{n="Id";e={$_}},
    >> @{n="Date";e={$convertedDate[$_]}}, @{n="EventType";e={$eventType[$_]}},
    >> @{n="S0-Name";e={$Sig0Nam[$_]}}, @{n="S0-Value";e={$Sig0Val[$_]}}, @{n="S3";e={$Sig3[$_]}},
    >> @{n="S4";e={$Sig4[$_]}}
    >>
    >> $WERArray |Sort-Object -Descending Date | ft -autosize Date, EventType, S0-Name, S0-Value, S3, S4 |
    >> Out-File $tempDir\LOGS\WER-SUMMARY.TXT -Width 500
    >>
    >> } ## End Function werHint
    >>
    >>
    >>
    >> ### FUNCTIONS_INIT ###
    >>
    >> $Script:Cancel = @{}
    >>
    >> StartScript #function
    >> checkBoxes
    >>
    >> ## SetupDiagCollect #2
    >> if($Global:SetupDiagCollect -eq $True)
    >> {
    >> SetupDiagFunc #function & job
    >> wh "...`n"
    >> }
    >> ## EventSearch #1
    >> if($Global:EventsCollect -eq $True)
    >> {
    >> EventSearch #function & job
    >> wh "...`n"
    >> }
    >>
    >> ## Get-WindowsUpdate #3
    >> if($Global:UpdatesCollect -eq $True)
    >> {
    >> GetUpdates #function & job
    >> wh "...`n`n"
    >> }
    >>
    >> ## WLAN/Wifi Collect #4
    >> if($Global:WLANCollect -eq $True)
    >> {
    >> bingCollect #function
    >> wh "...`n"
    >> showWLAN #function & job
    >> wh "...`n"
    >> smbConfig #function
    >> }
    >>
    >> ## Power/Battery Collect:#5
    >> if($Global:PowerCollect -eq $True)
    >> {
    >> powerCFGInfo #function - make job takes a min
    >> wh "...`n"
    >> }
    >>
    >> ## GPRESULT Collection: #6
    >> if($Global:GPCollect -eq $True)
    >> {
    >> getGPRESULT #function
    >> wh "...`n"
    >> }
    >>
    >> ## Misc Logs Collection: #7
    >> if($Global:miscCollect -eq $True)
    >> {
    >> getMSINFO #function & job
    >> wh "...`n"
    >> PrinterCheck #function
    >> wh "...`n"
    >> getProcesses #function
    >> wh "...`n"
    >> getApps #function - make job - takes a min
    >> wh "...`n"
    >> SetupLogs #function
    >> wh "...`n"
    >> sysProductCheck #function
    >> wh "...`n"
    >> reservedCheck #function
    >> wh "...`n"
    >> fltmcCheck #function
    >> wh "...`n"
    >> getDXDiag #function
    >> wh "...`n"
    >> regLang #function
    >> wh "...`n"
    >> autoRotate #function
    >> getMISCLogs #function
    >> wh "...`n"
    >> getDrivers #function
    >> wh "...`n"
    >> getAV #function
    >> wh "...`n"
    >> }
    >>
    >>
    >> #### RECEIVING JOBS SECTION ###...
    >>
    >> #EventSearchJob
    >> if($Global:EventsCollect -eq $True)
    >> {
    >> wh "`nWaiting for EventSearchJob to complete...`n"
    >>
    >> Receive-Job -Name EventSearchJob -OutVariable eventSearch -Wait
    >> $search = $eventSearch.Line
    >> }
    >>
    >>
    >> if($Global:SetupDiagCollect -eq $True)
    >> {
    >> #SetupDiagJob - Receive-Job
    >> $stamp = (Get-Date -format "hh:mm tt")
    >> wh "`nWaiting for SetupDiagJob to complete..."
    >> wh "`nTime Stamp: $stamp"
    >> wh "`nThis can take up to 10 minutes ..."
    >>
    >> Do{
    >> SLEEP 15
    >> wh "."
    >> if((Get-Job -name SetupDiagJob).State -eq "Completed")
    >> { Receive-Job -Name SetupDiagJob
    >> wh "`nSetupDiag Completed!"
    >> Break }
    >> }Until($Cancel.SetupDiag -eq $True)
    >> wh `n
    >>
    >> #Receive file and copy
    >> Receive-Job -Name SetupDiagJob -Wait
    >> Copy-Item $tempDir\Logs*.zip $tempDir\LOGS\SetupDiag-Log.zip
    >> Copy-Item $tempDir\setupdiag*.log $tempDir\LOGS\
    >> Remove-Item $tempDir\Logs*.zip
    >> }
    >>
    >>
    >> if($Global:UpdatesCollect -eq $True)
    >> {
    >> #GetUpdates Job via:
    >> #UpdateHelper <--- GetUpdates Job has to finish first!
    >> #Checking Status of GetUpdates Job...
    >> wh "Checking Status of GetUpdates Job...`n"
    >> If ((Get-Job -Name GetUpdates).State -eq "Failed")
    >> { wh "`nGetUpdates Job Failed!`n" }
    >> Else{
    >> Receive-Job -Name GetUpdates -wait
    >> Move $env:USERPROFILE\Desktop\WindowsUpdate.log $TempDir\LOGS\Windows-Update.log -Force
    >> wh "`n Writing Update Helper Info to UPDATE-ERRORS.TXT ... `n"
    >> UpdateHelper #run the update helper function
    >> }
    >> } #End getting GetUpdates-job
    >>
    >> #Finishing EventSearch
    >> if($Global:EventsCollect -eq $True)
    >> {
    >> writeSearch #function
    >> }
    >>
    >> #Wait on MSINFO...
    >> if($Global:miscCollect -eq $True)
    >> {
    >> wh "`n Waiting for MSINFO32 to Complete ...`n"
    >> do{ start-sleep 1 }
    >> Until((get-process | select-string -Pattern "msinfo").Pattern -cne "msinfo")
    >> werHint #function
    >> }
    >>
    >>
    >> if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support Transcript
    >> {
    >>
    >> Stop-Transcript
    >>
    >> do{
    >> start-sleep 1
    >> }
    >> Until((get-item $tempDir\LOGS\Event-Search.TXT).Length -cne 0)
    >>
    >> }
    >>
    >> wh "`nLog Collection Completed! `nLogs are available in %temp%\LOGS\`n"
    >> wh "`nHit Any Key or Close ...`n"
    >>
    >> Start-Sleep 1
    >>
    >> Start Explorer.exe $explore
    >>
    >> PAUSE
    >>
    >> ## LOGS.PS1 1.6.3 ##
    >> ## JOHNEM 8-2019 ##
    >> ## EOF ##

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.pngWin10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    I will have to reboot for command prompt to do 10) & 11) so I will wait until this evening.
    I lost the Super and ESET scan reports when I rebooted. I just realized that these scans were also scanning an external drive I use for backup and that is where they seemed to stay forever. I am going to disconnect that drive and a thumb drive that I had plugged in, then run the 12) scans again - one at a time.
      My Computer


  6. Posts : 38,342
    windows 10 professional version 1607 build 14393.969 64 bit
       #36

    Post an image for post #22 step #15.

    Please consider the options / tutorials in post #2.

    For example: reset save files:
    Reset Windows 10

    This way you can start fresh.
    It's the next best option compared to a clean install.
      My Computer


  7. Posts : 79
    win10 home 1903
    Thread Starter
       #37

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    zbook said:
    Post an image for post #22 step #15. See post #37
    Please consider the options / tutorials in post #2.
    For example: reset save files: Reset Windows 10
    This way you can start fresh.
    It's the next best option compared to a clean install.
    zbook, Does this mean I should stop doing the rest of the numbers on post #22? And are you saying that Win10 is what is corrupted rather than the computer?


    1. Is there a way to save the list of programs that I have installed?
    2. And can you recommend a program that will allow me to transfer copies of all of the files in User to my laptop? My fear is that Resetting Win 10 may be able to save files, but history tells me to be doubly careful when making such a major operation.
    3. Win 10 was an upgrade provided to me free of charge by MS some years ago and all of the OS was downloaded. I have nothing on disks. Is this going to be a problem?
    4. And is there a way to save all the settings/profiles for all the programs that will be removed? Having to go through and re-initialize each program will take months of frustration as there was a learning curve with each program.
    5. What is a free backup image you asked about on post #2? Is it a backup for files or what is it used for? I do have backups of most files.
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10 Attached Files
    Last edited by Gomer; 01 Apr 2020 at 14:56.
      My Computer


  8. Posts : 38,342
    windows 10 professional version 1607 build 14393.969 64 bit
       #38

    Gomer said:
    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -

    Win10 crashed, no Shortcuts. Is there a WinIni file in Win10-image.png

    - - - Updated - - -



    zbook, Does this mean I should stop doing the rest of the numbers on post #22? And are you saying that Win10 is what is corrupted rather than the computer?


    1. Is there a way to save the list of programs that I have installed?
    2. And can you recommend a program that will allow me to transfer copies of all of the files in User to my laptop? My fear is that Resetting Win 10 may be able to save files, but history tells me to be doubly careful when making such a major operation.
    3. Win 10 was an upgrade provided to me free of charge by MS some years ago and all of the OS was downloaded. I have nothing on disks. Is this going to be a problem?
    4. And is there a way to save all the settings/profiles for all the programs that will be removed? Having to go through and re-initialize each program will take months of frustration as there was a learning curve with each program.
    5. What is a free backup image you asked about on post #2? Is it a backup for files or what is it used for? I do have backups of most files.

    1) The list of programs is available using control panel > add remove programs > snipping tool > print or save to a flash drive

    2) To backup files you can use an external HD or the cloud.
    Open file explorer > this PC > C: > Users > right click copy and paste to the drive or the cloud or both

    3) No problem as Windows 10 iso are free:

    https://www.microsoft.com/en-us/soft...load/windows10
    Download Windows 10 ISO File
    Create Bootable USB Flash Drive to Install Windows 10

    4) All drivers and applications need to be reinstalled.
    The goal is to have a clean system/computer with no residual problems.

    5) A backup image allows you to restore the image that was created at that moment in time.
    If there was malware, corruption, etc. you would not want to restore the image.
    After you reset save files or clean install and have installed drivers and applications you should create backup images.
    Then if you have malware, ransomware, corruption of the operating system, corruption of the registry, corruption of the drive file system, failure to boot, or unexpected drive failure you can restore a image.



    Consider these steps:
    a) Test the hardware with Dell diagnostics
    If there is any questionable finding there are more rigorous tests that can be performed.
    If there are no significant hardware problems decide whether you want to switch from HD to SSD for the quick boot times and increased performance.
    b) Installing Windows 10 can be performed for free using a Windows 10 iso as licenses are now stored in Microsoft servers.
    If there are any problems you can run the Microsoft activation troubleshooted or call Microsoft on their global telephone numbers.
    c) a reset save files does not need an iso
      My Computer


  9. Posts : 79
    win10 home 1903
    Thread Starter
       #39

    zbook, sorry for the delay, I've gotten out my old Win7 laptop to keep from having to re-initialize my desktop computer. And for the past couple days have been backing up some files in preparation for doing the reinstall.

    first let me thank you muchly for your good help. I do hope this is your job rather than your unpaid community service. If the latter, you deserve a medal or that sainthood when the time comes.

    Now to your suggestions:
    Consider these steps:
    a) Test the hardware with Dell diagnostics
    I did try to get some diagnostics from Dell, but can't seem to find anything for this old machine. I think I remember that you suggested that I might need a new machine, or perhaps I just read that between the lines. As a former electronics tech who spent many a day upgrading equipment for my work, I have an aversion to just dumping an old piece of equipment before I know it is no longer worth the effort. (And in the days when I was employed, we often stripped the chassis and completely rebuilt it.) So that brings me to what you next wrote:

    If there is any questionable finding there are more rigorous tests that can be performed.

    In the last couple of days something has happened to the machine. I hear a sound that speeds up and falls off, a sine way-like, repetitive sound that is probably a motor - since there are only fans and hard drives, it must be one or the other. Would you suggest a program that will test either or both? Meanwhile I'll start looking for a new machine.


      My Computer


  10. Posts : 38,342
    windows 10 professional version 1607 build 14393.969 64 bit
       #40

    There should be Dell diagnostics on the Dell website.
    Please open Dell support > enter service tag
    Run customized tests overnight.
    Run additional customized tests the next day (interactive)
    Post images into the thread.

    We are volunteers.
    Glad to help you.
      My Computer


 
Page 4 of 7 FirstFirst ... 23456 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 23:41.
Find Us




Windows 10 Forums