WppRecorder.sys problem when updating Windows 10 from 1909 to 20H2

Page 9 of 15 FirstFirst ... 7891011 ... LastLast

  1. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #81

    smartcooky said:
    Marcrium Reflects Windows PE gives me a Command Prompt option so I will use that.

    Please make the bootable windows 10 iso 20H2.
      My Computer


  2. Posts : 187
    Windows 10 Home 32 bit
    Thread Starter
       #82

    I will leave WDV running for the required 36 hours and get back to you
      My Computers


  3. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #83

    Goodnight.
      My Computer


  4. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #84

    Downloads - REALTEK

    The driver may have a different website / component manufacturer.

    Technical Support - REALTEK
      My Computer


  5. Posts : 187
    Windows 10 Home 32 bit
    Thread Starter
       #85

    When I arrived at work early two days after my last post, I found the computer in the middle of an update (usual black screen, tail chaser)
    Working on Updates
    30% Complete
    Don't turn off your computer

    It must have started this all by itself, because no-one else was here. After a while it again went.....

    We couldn't complete the updates
    Undoing changes
    Don't turn off your computer


    Then it rebooted, and came up with a BSOD
    Stop Code: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
    What failed: WppRecorder.sys

    As I have said previously, I have limited access to the computer as it is a work one that is used all day and into the night sometimes. Now is the first time I have been able to get access for more than a few minutes, and its a long weekend here, so I have today and tomorrow with the computer to mysoelf.

    I have restarted WDV on the last test of tests you told me to. I will get back to you again with the results.
      My Computers


  6. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #86

    Please upload V2 now and after any BSOD.


    Run:
    Upgrade_failure_info.bat - Click here to go to the BSOD batch repository to download and run this batch file.




    Open administrative PS and copy and paste the whole script > click OK > run time approx 15 - 20 min
    (may collect personally identifiable information)

    Windowsupgradetroubleshooting.ps1
      My Computer


  7. Posts : 187
    Windows 10 Home 32 bit
    Thread Starter
       #87

    V2 result: Dropbox - PHOTOLAB-SMB-Config.TXT - Simplify your life

    This is the only file the logs program generated


    Upgrade_failure_info.bat says its putting a file oin the desktop, but there is notihng there.

    Now I have a staff member arrived to use the computer.... on a Sunday!!!.. dammit!

    I will continue when they have finished.
      My Computers


  8. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #88

    That was not V2.

    When available post results for each:
    V2
    DM
    BSOD - Posting Instructions



    Upgrade_failure_info.bat - Click here to go to the BSOD batch repository to download and run this batch file.



    Open administrative PS and copy and paste the whole script > click OK > run time approx 15 - 20 min
    (may collect personally identifiable information)

    Windowsupgradetroubleshooting.ps1

    Windowsupgradetroubleshooting.zip


    Code:
    function wh       {          Param ( [parameter (Mandatory = $true)][string]$txt )          Write-Host $txt -ForegroundColor Green -BackgroundColor Black -NoNewline          ##Example usage wh "Alias for `n Write-Host"        } ## End function wh      function StartScript       {          ##Locating Temp Dir and writing Transcript          $global:tempDir = [System.IO.Path]::GetTempPath()           MD $tempDir\LOGS -EA SilentlyContinue           CD $tempDir\LOGS          $txtCount = Get-Item $tempDir/LOGS/*.TXT -EA SilentlyContinue          if((Get-Host).Version.Major -cge 5) ##WIN7 Not Supported              {                  if($txtCount.Count -cge 1)                   {Start-Transcript -Append -Path $tempDir/LOGS/Event-Search.TXT}                   Else{Start-Transcript -Path $tempDir\LOGS\Event-Search.TXT}               }            $global:explore = $tempDir + "LOGS\"          $global:Ver = "1.6.3"          wh "`nLog Collection... (V$Ver)`n"            #clearing previous actions          Stop-Job *            #Initialize CheckBox Vars to $True/$False              $Global:EventsCollect = $true; $Global:SetupDiagCollect = $true                  $Global:UpdatesCollect = $true; $Global:WLANCollect = $true                      $Global:PowerCollect = $true; $Global:GPCollect = $true                          $Global:miscCollect = $true; $Global:bingCollect = $true                              $Global:eventOut = $false                #Clear Jobs          Stop-Job *          Remove-Job *                                                } ## End function Start-Script      function SetupDiagFunc      {          wh "`n Grabbing SetupDiag.exe ..."               Invoke-WebRequest https://go.microsoft.com/fwlink/?linkid=870142 -OutFile $tempDir\SetupDiag.exe -TimeoutSec 3 -UseBasicParsing              #check for successful download              if((Get-Item $tempDir\SetupDiag.exe).length -gt 100000)                  {                    wh "`nSuccessful DL!"                    wh "`n Invoking SetupDiag.exe ..."                    $SetupDiag = {CMD.EXE /C "%temp%\setupdiag.exe /Verbose /Output:%temp%\SetupDiag-Log.txt"}                      ## Kick-Off SetupDiagJob                    Start-Job -Name SetupDiagJob -ScriptBlock $SetupDiag                                                       }Else{Write-Host "`nDownload of SetupDiag.exe Failed!" -BackgroundColor RED }        } ## End Function SetupDiagFunc      function EventSearch      {      wh "`n Starting EventSearch Job-Function ...`n"      ## Gathering Events from System using Get-WinEvent via Job      $EventSearchJob =           {          $evtPaths = Get-Item C:\Windows\System32\Winevt\Logs\*.evtx -Exclude "*PowerShell*",               "*known folders*" | Select-Object FullName          $i = $evtPaths.Count            $x = 0 ##For 1st Loop do Until x = i          $events = @()          $gatherEvents = @()          $eventsArray = @()          $searchResult = @()          $MaxEvents = 99            #Loading/Gathering Events Loop...          do {                     ##Getting Events w/ Get-WinEvent                     $gatherEvents = Get-WinEvent -Path $evtPaths[$x].FullName -MaxEvents $MaxEvents -EA SilentlyContinue              $events = $events + $gatherEvents                           $x++                            }               Until ($x -eq $i)                $x = $x +1 ##Total Events Found!                    $eventsLength = $events.Length ##Total events catalogged!                    $xx = 0                         # Write Event Properties to a row and roll it out - Collapsing Array ...           do {                 $date = $events[$xx].TimeCreated | Get-Date -Format "yyyyMMdd".ToString() -EA SilentlyContinue ##EA SC for Blank Entries                                    $eventRow = new-object PSObject -Property @{                  Date = $date;                  Id = $events[$xx].Id;                  Level = $events[$xx].LevelDisplayName;                  Provider = $events[$xx].ProviderName;                 Message = $events[$xx].Message;                  }                    $cRow = $date + " " + "ID:" +  $events[$xx].Id + " " + "Level:" + $events[$xx].LevelDisplayName + " " + "Provider:" + $events[$xx].ProviderName + " " + "Message:" + $events[$xx].Message                   $eventsArray += $cRow                                 $xx++                  $d++          }          Until ($xx -eq $events.Length)           ##Looking for patterns error or fail in $eventsArray          $search = $eventsArray | Select-String -pattern ("error|fail")          Return $search ## | Write-Output ##Output for job            } ## End $EventSearchJob        Start-Job -Name EventSearchJob -ScriptBlock $EventSearchJob        } ## End function Event-Search      function writeSearch  ##       {          ##Event Logs Cont.          MD $tempDir\LOGS\EVTX\ -EA SilentlyContinue          ##output to file          $search | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name -Wrap > TOP-ERRORS.TXT          $search > $tempDir\LOGS\SEARCH.TXT        if($Global:eventOut -eq $True)          {          $search | Group-Object | Sort-Object Count -Descending |               Select-Object -Property Count, Name | Out-GridView -Title "Top `"Errors`" via EVTX - V-$Ver"          }            wh "`n Collecting Matching EVTX Entries ...`n"             #Collecting all prev matching EVTX          #$evtx = Get-ChildItem C:\Windows\System32\Winevt\Logs\*.evtx          $evv = 0                               $providerName =                  (($search | Select-String "Provider:.*Message:").Matches.Value -Replace                         " Message:", "" -Replace "Provider:", "" | Group-Object ).Name                            #Converting Provider Name to Log Name                             $providerName = (($providerName | ForEach-Object {Get-WinEvent -ProviderName $_ -MaxEvents 1 -EA SilentlyContinue}).LogName | Group-Object).Name                    $providerName = $providerName -replace "Microsoft.", ""                    $providerName = $providerName -replace "Windows.", ""                       $providerName = $providerName -replace "`/.*$", ""                                                                                 $evtx = $providerName | foreach{Get-ChildItem "C:\Windows\System32\winevt\logs\*$_*"}                    Do{                      COPY $evtx[$evv].PSPath $tempDir\LOGS\EVTX\                        $evv++                    }                    Until($evv -eq $evtx.Count)        } #End function writeSearch      function GetUpdates      {          wh "`n Starting Get-WindowsUpdateLog Job-Function ...`n"          $updateJob = {get-WindowsUpdateLog}                   if((Get-Host).Version.Major -cge 5) ##Modern Gatherer          {              Start-Job -Name GetUpdates -ScriptBlock $updateJob          }                    ##Legacy Gatherer          CP C:\Windows\WindowsUpdate.log $tempDir\LOGS\WindowsUpdate.log            ##Installed-Updates/Packages         Get-WmiObject win32_quickfixengineering > $tempDir\LOGS\Installed_Updates.TXT          Get-WmiObject Win32_OperatingSystemQFE >> $tempDir\LOGS\Installed_Updates.TXT      DISM /Online /Get-Packages /Format:Table >> $tempDir\LOGS\Installed_Updates.TXT       } ## End function Get-Updates           function PrinterCheck      {          wh "`n Getting Printer Information ..."          get-printer | ft Name, ComputerName, Type, DriverName, PortName, Datatype, Location, DriverName > $tempDir\LOGS\Printers.TXT          get-printerDriver | fl >> $tempDir\LOGS\Printers.TXT          Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append          Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append          Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" | Out-File $tempDir\LOGS\Printers.TXT -Append          write-output "## CBS ntprint CHECK ##" >> $tempDir\LOGS\Printers.TXT          $cbsCheck = (Get-ChildItem C:\Windows\Logs\CBS\*cbs* -Recurse | select-string -Pattern "E_INVALIDARG in eventsXml.*Microsoft-Windows-PrintService")          if($cbsCheck.Count -eq 0){Write-Output "## NO MATCHES IN CBS ##" >> $tempDir\LOGS\Printers.TXT} Else{$cbsCheck | Group-Object  >> $tempDir\LOGS\Printers.TXT}          write-output "## ntprint.dll CHECK ##" >> $tempDir\LOGS\Printers.TXT          (Get-ChildItem C:\Windows\System32\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT          (Get-ChildItem C:\Windows\SysWOW64\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT        } ## End function PrinterCheck      function UpdateHelper      {      if((Get-Host).Version.Major -cge 5)          {              $winupdatelog = get-item $tempDir\LOGS\windows-update.log    ##WIN-10 File              MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue | Out-Null              CP C:\Windows\Logs\WindowsUpdate\*.etl $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue          }              Else{$winupdatelog = get-item $tempDir\LOGS\windowsupdate.log} ##LEGACY File        $updateError = ($winupdatelog | select-string -pattern "error.*0x........");      $updateErrorSplit = $updateError -Split " "      $updateErrorCount = (($updateErrorSplit | select-string -pattern "0x........") -Replace "[(),'`.:]", "" -Replace "hr=", "");        $updateErrorCount | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT -Width 999      $updateError >> UPDATE-ERRORS.TXT      if($updateError.length -eq 0){"No `"error.*0x........`" patterns Found in Windows-Update.log" | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT}        ($winupdatelog | Select-String "KB\d\d\d\d\d\d\d" | Select-string "fail") | Out-file $tempDir\LOGS\UPDATE-ERRORS.TXT -Append -width 999        } ## End function UpdateHelper      function getProcesses      {      wh "`nGetting Active Process ...`n"       Get-Process > $tempDir\LOGS\Running-Processes.TXT      CMD.EXE /C "tasklist /svc" | Out-File -Append  $tempDir\LOGS\Running-Processes.TXT            } ## End function getProcesses      function GetApps      {      wh "`n Getting List of Installed Apps...`n"      Get-WmiObject -Class Win32_Product | Format-Table -Property Name, Version, Vendor > $tempDir\LOGS\Installed-Apps.TXT      Get-AppxPackage | ft Name, Version, InstallLocation, IspArtiallyStaged, SignatureKind, Status >> $tempDir\LOGS\Installed-Apps.TXT            } ## End function GetApps      function SetupLogs      {      wh "`nGetting Windows Setup Logs Independent of SetupDiage.exe...`n"          MD $tempDir\LOGS\SETUP\ -EA SilentlyContinue      dir C:\ > $tempDir\LOGS\Dir_Structure.txt            ## Main Setup Collection      if($env:SystemDrive -eq 'C:') ##Verify SystemDrive      {          $SetupPaths = @()            $locations = @(              'C:\GetCurrent',              'C:\$Reset',              'C:\$SysReset',              'C:\$Windows.~BT',              'C:\$Windows.~WS',              'C:\Windows\Logs\',              'C:\Windows\Panther\',              'C:\Windows\inf\',              'C:\Windows\System32\LogFiles\',              'C:\Windows\System32\SysPrep\',              'C:\Windows10Upgrade',              'C:\Windows.old\Windows\Panther')            for($i = 0; $locations.count -gt $i; $i++)          {               if((get-item $locations[$i] -Force -EA SilentlyContinue).length -gt 0) ##Null Path Check -Force for Hidden              {                  CD $locations[$i]                  ##Search includes setuperr/setupact only                  $SetupPaths += Get-ChildItem * -Force -Recurse -Include setuperr.log, setupact.log, miglog.xml, *APPRAISER_Humanreadable.xml -EA SilentlyContinue                  }          }            $cleanPaths = @()            for($i = 0; $SetupPaths.count -gt $i; $i++)          {              $cleanPaths += $SetupPaths[$i].PSParentPath.ToString() -replace "Microsoft\.PowerShell\.Core\\FileSystem\:\:C\:\\", ""          }            CD $tempDir\LOGS\SETUP\          MD $cleanPaths -Force          CD $tempDir\LOGS\            for($i = 0; $SetupPaths.count -gt $i; $i++)          {              $destPath = "$tempDir\LOGS\SETUP\" + $cleanPaths[$i]              $copyPathLog = ($SetupPaths[$i].ToString())                            Copy  $copyPathLog -Destination $destPath          }            }Else{Write-Host "`nSystem Drive is not C:... Setup Collection Aborted!`n"}      ## End Main Setup Collection                          ## Setup Reg Output              Get-ChildItem HKLM:\SYSTEM\SETUP\ | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT          Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\Me* -recurse -EA SilentlyContinue | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append          Get-Childitem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append            ## SetupAct String Search                         $setupRegx = @("MOUPG SetupHost..Initialize:",                          "============================",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Initialize. CmdLine"),                          "",                          "MOUPG Setup build & Host OS Build:",                          "==================================",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Setup build"),                          "...",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG      Host OS"),                          "",                          "Watson Parameters (4&5):",                          "=======================",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Watson Bucketing Parameters\[[4-5]\]" ),                          "",                          "\[0x........\]Error:",                          "==================",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "\[0x........\]\[0x.....\]"),                          "",                          "`"FATAL`":",                          "======",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "FATAL" | Select-String -NotMatch "FatalExecutionEngineError" | Select-String -NotMatch "non-fatal"),                          "",                          "`"Error   `":",                          "===========",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Error   "),                          "",                          "MIGRATE.*DATA:",                          "==============",                          "",                          (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MIGRATE.*DATA"),                          ""                                     )              $q=0              Do {$setupRegx[$q] | Out-File $tempDir\LOGS\SETUP\SetupAct-Regex.TXT -Append -Width 999 ##spool out results                                    $q++                                                                }Until($q -eq $setupRegx.Count)        } ## End function SetupLogs      function powerCFGInfo      {      MD $tempDir\LOGS\POWER\ -EA SilentlyContinue  | Out-Null      wh "`n Grabbing PowerCFG, Sleep & Battery Info ...`n"            ("`n" + "Available Sleep States (/A): `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      powercfg /a | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt        ("`n" + "-DeviceQuery Wake_Armed: `r" + "`n" +"========================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      powercfg -devicequery wake_armed  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt        ("`n" + "Last Wake (-lastwake):  `r" + "`n" +"=====================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      powercfg -lastwake  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt        ("`n" + "-Requests: `r" + "`n" +"==========`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      powercfg -requests  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt        $powerList = powercfg -list      $powerList | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      $powerActive = $powerList | select-string "\*" | powercfg /QH "$_"       ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt        ("`n" + "Active Power Scheme Details: `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt      $powerActive | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt          if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support powercfg /battery /sleepstudy           {              $ifbattery = Get-WmiObject win32_battery             if ( $ifbattery.__SERVER.count -cge 1 ) { CMD.EXE /C "powercfg /batteryreport /output %temp%\LOGS\POWER\battery-report.html" }             CMD.EXE /C "powercfg /sleepstudy /output %temp%\LOGS\POWER\sleepstudy-report.html"           }             CMD.EXE /C "powercfg /ENERGY /duration 10 /output %temp%\LOGS\POWER\energy-report.html"                   } ## End function powerCFGInfo      function sysProductCheck      {      wh "`n Getting SystemProductName ...`n"      ##SystemInformation Reg       reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\ /v SystemProductName  > $tempDir\LOGS\REG_SystemProductName.TXT       Get-WmiObject Win32_ComputerSystem > $tempDir\LOGS\WMI_Object_System.TXT      Get-WmiObject Win32_ComputerSystemProduct >> $tempDir\LOGS\WMI_Object_System.TXT            } ## End functions sysProductCheck      function showWLAN      {      wh "Generating NETSH WLAN Report...`n"        $showWLANjob = {                      CMD.EXE /c "netsh wlan show networks mode=ssid > %temp%\LOGS\Network\wlan.txt"                      CMD.EXE /c "netsh wlan show networks mode=bssid >> %temp%\LOGS\Network\wlan.txt"                      CMD.EXE /c "netsh winhttp show proxy > %temp%\LOGS\Network\proxy.txt"                      CMD.EXE /c "netsh wlan show wlanreport & COPY C:\ProgramData\Microsoft\Windows\wlanReport\wlan-report-latest.html %temp%\LOGS\Network\wlan-report-latest.html"                       ##WIN7 Does not Support netsh wlanreport                                                                        }         Start-Job -Name showWLAN -ScriptBlock $showWLANjob        } ## End function sysProductCheck      function getGPRESULT      {      wh "`nGetting GPRESULT...`n"      CMD.EXE /C "GPRESULT /V > %temp%\LOGS\GPRESULT.TXT"            } ## End function getGPRESULT      function reservedCheck      {                    $reservedJob =           {          $vol = (mountvol /L | select-string -Pattern "\\\\")          $volstring = "mountvol y:" + $vol[0]          CMD.EXE /C $volstring                SLEEP 2            CMD.EXE /C "CHKDSK y: > %temp%\LOGS\SystemReserved.TXT"                SLEEP 2 # Pause after drive dismount                CMD.EXE /C "mountvol y: /D"          }        Start-Job -Name reservedJob -ScriptBlock $reservedJob            } ## End function reservedCheck      function fltmcCheck      {      wh "`n Getting fltmc Filters ...`n"      CMD.EXE /c "fltmc filters > %temp%\LOGS\fltmc_filters.TXT"            } ## End function fltmcCheck      function getDXDiag      {      wh "`n Grabbing DXDiag Info...`n"      C:\Windows\System32\dxdiag /x $explore\DxDiag            } ## End function getDXDiag      function getMSINFO      {      wh "`n Gathering MSINFO32 ...`n"      ## check if msinfo is already gathering - if so stop      If((get-process | select-string -Pattern "msinfo").Pattern -eq "msinfo")      {Stop-Process -ProcessName msinfo32}            C:\Windows\System32\msinfo32.exe /nfo $tempDir/LOGS/MSINFO32.NFO                       } ## End function getMSINFO      function getAV      {       if((Get-Host).Version.Major -cge 5) ##Modern OS Only          {          wh "`n Grab root\SecurityCenter2 AntivirusProduct ...`n"          $avPath = (Get-WmiObject -Namespace root\SecurityCenter2 -Class AntivirusProduct) | % {$_.pathtoSignedProductEXE}          "AV Info" + "`n========" | Out-File $tempDir/LOGS/SecurityProductInformation.TXT     $avPath | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append          if($avPath[0] -match "exe")              {                   $path = (Get-Item $avPath[0]).PSParentPath                  Get-Item $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append                  Get-Content $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append                         }              Get-ChildItem "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\" -recurse -EA SilentlyContinue | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append              }      } ## End function getAV      function getDrivers      {      wh "`n Grabbing Driver listing via DISM.EXE ...`n"          $drivers = cmd.exe /C "dism /online /get-drivers /format:table"          $drivers += cmd.exe /C "dism /online /get-drivers /all /format:table"          $drivers | Out-File $tempDir/LOGS/DISM-Get-Drivers.TXT      wh "`n Done!`n"      } ## End Function getDrivers      function getMISCLogs      {          wh "`nCopying misc. logs ...`n"           MD $tempDir\LOGS\WER\ -EA SilentlyContinue           MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue          CP "C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\*" $tempDir\LOGS\WER\ -Recurse -EA SilentlyContinue          CP "C:\Windows\Logs\CBS\*cbs*" $tempDir\LOGS\Windows\Logs\          CP "C:\Windows\Logs\DISM\*dism*" $TempDir\LOGS\Windows\Logs\          CP "C:\Windows\Logs\WindowsUpdate\*" $TempDir\LOGS\Windows\Logs\WindowsUpdate\                        #DMP Collect          $dmp = @()          $dmp += Get-ChildItem C:\Windows\*.dmp           $dmp += (Get-ChildItem C:\Windows\LiveKernelReports\*.dmp -Recurse -EA SilentlyContinue)          $dmp += (Get-ChildItem C:\Windows\Minidump\*.dmp -Recurse -EA SilentlyContinue)          #Validate empty array          if($dmp.length -ne 0)              {              $dd=0                    Do{                               If($dmp[$dd].length -lt 2000000)                              { $destPath = $dmp[$dd].PSParentPath.Replace('C:\', '').Replace('Microsoft.PowerShell.Core\FileSystem::', '')                                  MD $destPath -EA SilentlyContinue                                     COPY -Path $dmp[$dd].PSPath -Destination $destPath }                          $dd++                      }                      Until($dd -eq $dmp.Count)              }            #disk info          "`nGet-Disk:`n=========" > $tempDir\LOGS\Disk-Info.TXT           Get-Disk |fl >> $tempDir\LOGS\Disk-Info.TXT          "`nGet-Partition:`n==============" >> $tempDir\LOGS\Disk-Info.TXT           Get-Partition >> $tempDir\LOGS\Disk-Info.TXT          Manage-bde -protectors -get C: >> $tempDir\LOGS\Disk-Info.TXT          "`nIO Fail Search:`n===============`n" >> $tempDir\LOGS\Disk-Info.TXT          $search | Select-String ".*io.fail.*" | Select-String -NotMatch '0, 0, 0, 0' >> $tempDir\LOGS\Disk-Info.TXT              } ## End function getMISCLogs      function bingCollect      {          ##O365 Firewall Check & Bing.com diagnostics.asp          ##URIs based on Article:           ##https://support.office.com/en-us/article/Network-requests-in-Office-365-ProPlus-and-Mobile-eb73fcd1-ca88-4d02-a74b-2dd3a9f3364d                          MD $TempDir\LOGS\Network\ -EA SilentlyContinue            wh "Performing Bing & O365 URI Check ... `n"                    $bingCheck = (Invoke-WebRequest -Uri https://www.bing.com/fdv2/diagnostics.aspx -UseBasicParsing)                 $bingCheck | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT                                 $URIs = @('api.login.microsoftonline.com',    #0  Standard Reply = 403                'api.passwordreset.microsoftonline.com',      #1  Standard Reply = 200                'becws.microsoftonline.com',                  #2  Standard Reply = 403                'clientconfig.microsoftonline-p.net',         #3  Standard Reply = 404                'companymanager.microsoftonline.com',         #4  Standard Reply = 403                'device.login.microsoftonline.com',           #5  Standard Reply = 200                'graph.microsoft.com',                        #6  Standard Reply = 404                'hip.microsoftonline-p.net',                  #7  Standard Reply = 404                 'hipservice.microsoftonline.com',             #8  Standard Reply = 404                'login.microsoft.com',                        #9  Standard Reply = 200                'login.microsoftonline.com',                  #10 Standard Reply = 200                'logincert.microsoftonline.com',              #11 Standard Reply = 200                 'loginex.microsoftonline.com',                #12 Standard Reply = 200                'login-us.microsoftonline.com',               #13 Standard Reply = 200                'login.microsoftonline-p.com',                #14 Standard Reply = 200                'login.windows.net',                          #15 Standard Reply = 200                'nexus.microsoftonline-p.com',                #16 Standard Reply = 403                'passwordreset.microsoftonline.com',          #17 Standard Reply = 200                'provisioningapi.microsoftonline.com',        #18 Standard Reply = 403                'stamp2.login.microsoftonline.com',           #19 Standard Reply = 200                'ccs.login.microsoftonline.com',              #20 Standard Reply = 401                'ccs-sdf.login.microsoftonline.com',          #21 Standard Reply = 401                'accounts.accesscontrol.windows.net',         #22 Standard Reply = 200                'secure.aadcdn.microsoftonline-p.com',        #23 Standard Reply = 400                'windows.net',                                #24 Standard Reply = 200                'phonefactor.net',                            #25 Standard Reply = 200                'account.activedirectory.windowsazure.com',   #26 Standard Reply = 404                'secure.aadcdn.microsoftonline-p.com',        #27 Standard Reply = 400                'login.windows.net',                          #28 Standard Reply = 200                'provisioningapi.microsoftonline.com',        #29 Standard Reply = 403                'mscrl.microsoft.com',                        #30 Standard Reply = 400                'secure.aadcdn.microsoftonline-p.com',        #31 Standard Reply = 400                'windowsupdate.microsoft.com',                #32 Standard Reply = 200                'update.microsoft.com',                       #33 Standard Reply = 200                'au.download.windowsupdate.com',              #34 Standard Reply = 200                'download.windowsupdate.com',                 #35 Standard Reply = 200                'download.microsoft.com',                     #36 Standard Reply = 200                'tlu.dl.delivery.mp.microsoft.com');          #37 Standard Reply = 403                                           $count = 0;                $queryResult =@{};                                 Write-Host "Checking URIs .." -NoNewline                                 Do {                                 Try{                        $queryResult[$count] = (Invoke-WebRequest -Uri ("http:`/`/" + $URIs[$count]) -Method Head -UseBasicParsing -TimeoutSec 2).RawContent                           }Catch{ $catch = $_ }                                             if($queryResult[$count].Count -eq 0)                                    {$queryResult[$count] = ($catch[$catch.count -1].ToString()).Replace("`n", " ")}                                                           Write-Host "." -NoNewline                                 $count++                           }Until ($count -eq ($URIs.Count));                                          Write-Host "."                                      Get-Date | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append                    $queryResult | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append                              Write-Host " Bing Check", `n, "==========" | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT -Append                        wh "`n`n`n`URL Check Finished...`n"       }      function smbConfig  {        $CMDs =      {   cmd.exe /c "net config server"            cmd.exe /c "net config workstation"          Get-SmbClientNetworkInterface          Get-SmbServerConfiguration          Get-SmbClientConfiguration          Get-ChildItem "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer"           Get-NetAdapterAdvancedProperty | ft }        ForEach-Object{Invoke-Command $CMDs | Out-File $TempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}        $share = Get-SmbShare        ForEach-Object{Get-SmbShareAccess $share.Name | ft  | Out-File $tempDir\LOGS\NETWORK\$env:COMPUTERNAME-SMB-Config.TXT -Append}    } ## End Function smbConfig      function regLang      {               DISM.EXE /Online /Get-Intl  | Out-File $tempDir\LOGS\Reg-Lang.TXT          "`n","Get-WinUserLanguageList","=======================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append          Get-WinUserLanguageList     | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append          "`n","Get-WinLanguageBarOption","========================" | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append          Get-WinLanguageBarOption    | Out-File $tempDir\LOGS\Reg-Lang.TXT -Append      }      function autoRotate      {          Get-ChildItem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Auto* | Out-File $tempDir\LOGS\AutoRotate.TXT      }      function checkBoxes     {          Add-Type -AssemblyName System.Windows.Forms          Add-Type -AssemblyName System.Drawing            $Global:form = New-Object System.Windows.Forms.Form          $Global:form.Text = "LOGS-V$ver"          $Global:form.Size = New-Object System.Drawing.Size(300,400)          $Global:form.StartPosition = 'CenterScreen'            $OKButton = New-Object System.Windows.Forms.Button          $OKButton.Location = New-Object System.Drawing.Point(100,300)          $OKButton.Size = New-Object System.Drawing.Size(75,23)          $OKButton.Text = 'OK'          $OKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK          $Global:form.AcceptButton = $OKButton          $Global:form.Controls.Add($OKButton)                   $Global:form.ControlBox = $false                        $Global:boxNum = 1              $Global:checkBox = @{} #hash for $checkBox              $tag = @{} #hash for $label              $Global:Box = @{}                function createCheckBox                   {                      Param ( [parameter (Mandatory = $true)][string]$name,                              [parameter (Mandatory = $true)][string]$label )                                            $drawingPoint = (50 + ($boxNum *25))                        $Global:checkBox[$boxNum] = New-Object System.Windows.Forms.CheckBox                      $Global:checkBox[$boxNum].Location = New-Object System.Drawing.Point(10,$drawingPoint)                      $Global:checkBox[$boxNum].Size = New-Object System.Drawing.Size(15,15)                      $Global:checkBox[$boxNum].Text = ''                      $Global:checkBox[$boxNum].Checked = $true                      $Global:form.Controls.Add($checkBox[$boxNum])                      #SetupDiag Label                      $tag[$boxNum] = New-Object System.Windows.Forms.Label                      $tag[$boxNum].Location = New-Object System.Drawing.Point(40,$drawingPoint)                      $tag[$boxNum].Size = New-Object System.Drawing.Size(280,20)                      $tag[$boxNum].Text = "$label"                      $Global:form.Controls.Add($tag[$boxNum])                        $Global:boxNum ++                                    } #End nested function createCheckBox                           createCheckBox -name "EV" -label "EventSearch EventLog Helper"       #1              createCheckBox -name "SD" -label "SetupDiag.EXE Setup Diagnostics"   #2              createCheckBox -name "WU" -label "Get-WindowsUpdateLog Collection"   #3              createCheckBox -name "IP" -label "Network Information"               #4              createCheckBox -name "PW" -label "POWERCFG. Sleep & Battery Info"    #5              createCheckBox -name "GP" -label "GPResult Info"                     #6              createCheckBox -name "MS" -label "General Machine Info"              #7              createCheckBox -name "EO" -label "EventSearch Out-GridView"          #8                                         #Checkbox State Changes                           $Global:checkBox[1].Add_CheckStateChanged(                      {                           if($Global:checkBox[1].checked -eq $True){ $Global:EventsCollect = $true ; Write-Host "." -nonewline} Else{ $Global:EventsCollect = $false }                                                    })                         $Global:checkBox[2].Add_CheckStateChanged(                      {                           if($Global:checkBox[2].checked -eq $True){ $Global:SetupDiagCollect = $true ; Write-Host "." -nonewline} Else{ $Global:SetupDiagCollect = $false }                                                    })              $Global:checkBox[3].Add_CheckStateChanged(                      {                           if($Global:checkBox[3].checked -eq $True){ $Global:UpdatesCollect = $true ; Write-Host "." -nonewline} Else{ $Global:UpdatesCollect = $false }                                                    })              $Global:checkBox[4].Add_CheckStateChanged(                      {                           if($Global:checkBox[4].checked -eq $True){ $Global:WLANCollect = $true ; Write-Host "." -nonewline} Else{ $Global:WLANCollect = $false }                                                    })                $Global:checkBox[5].Add_CheckStateChanged(                      {                           if($Global:checkBox[5].checked -eq $True){ $Global:PowerCollect = $true ; Write-Host "." -nonewline} Else{ $Global:PowerCollect = $false }                                                    })              $Global:checkBox[6].Add_CheckStateChanged(                      {                           if($Global:checkBox[6].checked -eq $True){ $Global:GPCollect = $true ; Write-Host "." -nonewline} Else{ $Global:GPCollect = $false }                                                    })              $Global:checkBox[7].Add_CheckStateChanged(                      {                           if($Global:checkBox[7].checked -eq $True){ $Global:miscCollect = $true ; Write-Host "." -nonewline} Else{ $Global:miscCollect = $false }                                                    })                 $Global:checkBox[8].Add_CheckStateChanged(                      {                           if($Global:checkBox[8].checked -eq $True){ $Global:eventOut = $true ; $Global:checkBox[1].checked = $true; Write-Host "x" -nonewline} Else{ $Global:eventOut = $false }                                                    })                                                     $Global:checkBox[8].Checked = $false          $mainText = New-Object System.Windows.Forms.Label          $mainText.Location = New-Object System.Drawing.Point(62,30)          $mainText.Size = New-Object System.Drawing.Size(260,20)          $mainText.Text = 'Choose which logs to collect:'          $Global:form.Controls.Add($mainText)          $result = $Global:form.ShowDialog()          SLEEP 1  #testing Topmost lag          $Global:form.Topmost = $true            #OK Button ...           if ($result -eq [System.Windows.Forms.DialogResult]::OK)          {              $x = $textBox.Text              $x          }             } #End function checkBoxes      Function werHint  {      $WERs = Get-ChildItem $tempDir\LOGS\WER\*.wer -Recurse        $WERArray = @()        $Date = $WERs | Select-String -pattern "eventtime=" | % {$_ -Replace("C:.*EventTime=", "")}      $eventType = $WERs | Select-String -pattern "EventType=" | % {$_ -Replace("C:.*EventType=", "")}      $Sig0Nam = $WERs | Select-String -pattern "Sig\[0\].Name" | % {$_ -Replace("C:.*Sig\[0\].Name=", "")}      $Sig0Val = $WERs | Select-String -pattern "Sig\[0\].Value" | % {$_ -Replace("C:.*Sig\[0\].Value=", "")}      $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}      $Sig3 = $WERs | Select-String -pattern "Sig\[3\].Value" | % {$_ -Replace("C:.*Sig\[3\].Value=", "")}      $Sig4 = $WERs | Select-String -pattern "Sig\[4\].Value" | % {$_ -Replace("C:.*Sig\[4\].Value=", "")}        #ConvertDateTime      $epoch = [datetime]"01/01/1601 00:00"      $date = $date | foreach{$epoch.AddSeconds($_/10000000)}       $convertedDate = foreach($Date in $Date) {Get-Date $Date -Format G}        $WERarray = 0..($convertedDate.Length -1) | Select-Object @{n="Id";e={$_}},           @{n="Date";e={$convertedDate[$_]}}, @{n="EventType";e={$eventType[$_]}},              @{n="S0-Name";e={$Sig0Nam[$_]}}, @{n="S0-Value";e={$Sig0Val[$_]}}, @{n="S3";e={$Sig3[$_]}},                   @{n="S4";e={$Sig4[$_]}}        $WERArray |Sort-Object -Descending Date | ft -autosize Date, EventType, S0-Name, S0-Value, S3, S4  |           Out-File $tempDir\LOGS\WER-SUMMARY.TXT -Width 500    } ## End Function werHint        ### FUNCTIONS_INIT ###             $Script:Cancel = @{}            StartScript #function          checkBoxes                    ## SetupDiagCollect   #2          if($Global:SetupDiagCollect -eq $True)              {              SetupDiagFunc #function & job               wh "...`n"              }          ## EventSearch         #1          if($Global:EventsCollect -eq $True)              {              EventSearch #function & job              wh "...`n"              }            ## Get-WindowsUpdate   #3          if($Global:UpdatesCollect -eq $True)              {              GetUpdates #function & job              wh "...`n`n"              }            ## WLAN/Wifi Collect    #4          if($Global:WLANCollect -eq $True)                  {              bingCollect #function              wh "...`n"              showWLAN #function & job               wh "...`n"              smbConfig #function              }            ## Power/Battery Collect:#5          if($Global:PowerCollect -eq $True)              {              powerCFGInfo #function - make job takes a min              wh "...`n"              }            ## GPRESULT Collection:  #6          if($Global:GPCollect -eq $True)              {              getGPRESULT #function              wh "...`n"              }            ## Misc Logs Collection: #7                if($Global:miscCollect -eq $True)              {              getMSINFO #function & job                  wh "...`n"              PrinterCheck #function                  wh "...`n"              getProcesses #function                  wh "...`n"              getApps #function - make job - takes a min                  wh "...`n"              SetupLogs #function                  wh "...`n"                   sysProductCheck #function                  wh "...`n"                             reservedCheck #function                  wh "...`n"              fltmcCheck #function                  wh "...`n"              getDXDiag #function                  wh "...`n"              regLang #function                  wh "...`n"              autoRotate #function              getMISCLogs #function                  wh "...`n"              getDrivers #function                  wh "...`n"               getAV #function                  wh "...`n"                         }            #### RECEIVING JOBS SECTION ###...             #EventSearchJob          if($Global:EventsCollect -eq $True)          {                      wh "`nWaiting for EventSearchJob to complete...`n"                Receive-Job -Name EventSearchJob -OutVariable eventSearch -Wait               $search = $eventSearch.Line          }              if($Global:SetupDiagCollect -eq $True)          {              #SetupDiagJob - Receive-Job              $stamp = (Get-Date -format "hh:mm tt")              wh "`nWaiting for SetupDiagJob to complete..."              wh "`nTime Stamp: $stamp"              wh "`nThis can take up to 10 minutes ..."                Do{                SLEEP 15                  wh "."                  if((Get-Job -name SetupDiagJob).State -eq "Completed")                      { Receive-Job -Name SetupDiagJob                             wh "`nSetupDiag Completed!"                                                 Break                      }                                  }Until($Cancel.SetupDiag -eq $True)              wh `n                                                             #Receive file and copy              Receive-Job -Name SetupDiagJob -Wait               Copy-Item $tempDir\Logs*.zip $tempDir\LOGS\SetupDiag-Log.zip              Copy-Item $tempDir\setupdiag*.log $tempDir\LOGS\              Remove-Item $tempDir\Logs*.zip          }                   if($Global:UpdatesCollect -eq $True)          {              #GetUpdates Job via:              #UpdateHelper <--- GetUpdates Job has to finish first!              #Checking Status of GetUpdates Job...              wh "Checking Status of GetUpdates Job...`n"              If ((Get-Job -Name GetUpdates).State -eq "Failed")                  { wh "`nGetUpdates Job Failed!`n" }                      Else{                              Receive-Job -Name GetUpdates -wait                              Move $env:USERPROFILE\Desktop\WindowsUpdate.log $TempDir\LOGS\Windows-Update.log -Force                              wh "`n Writing Update Helper Info to UPDATE-ERRORS.TXT ... `n"                              UpdateHelper #run the update helper function                          }                       } #End getting GetUpdates-job                 #Finishing EventSearch          if($Global:EventsCollect -eq $True)              {                  writeSearch #function              }    #Wait on MSINFO...  if($Global:miscCollect -eq $True)  {      wh "`n Waiting for MSINFO32 to Complete ...`n"      do{ start-sleep 1 }      Until((get-process | select-string -Pattern "msinfo").Pattern -cne "msinfo")          werHint #function  }      if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support Transcript      {    Stop-Transcript             do{      start-sleep 1      }      Until((get-item $tempDir\LOGS\Event-Search.TXT).Length -cne 0)            }    wh "`nLog Collection Completed! `nLogs are available in %temp%\LOGS\`n"    wh "`nHit Any Key or Close ...`n"    Start-Sleep 1    Start Explorer.exe $explore    PAUSE    ## LOGS.PS1 1.6.3  ##     ## JOHNEM 8-2019 ##   ## EOF ##



      My Computer


  9. Posts : 187
    Windows 10 Home 32 bit
    Thread Starter
       #89

    OK, I had to run V2 in Safe Mode because it would not save the zip file on the desktop on Normal Boot.

    Dropbox - PHOTOLAB-(2021-04-25_16-19-26).zip

    I still cannot get Upgrade_failure_info.bat to leave a file on the desktop in either Normal Boot or Safe Mode

    - - - Updated - - -


    OK a ran the Admin PS script. It just appears to be the same thing, and leaves no file anywhere, but at the end, it opens a window at

    C:\Users\Photo One\AppData\Local\Temp\LOGS

    Would you like to be transfer that LOGS folder to Dropbox and link you to it?<br>
      My Computers


  10. Posts : 39,961
    windows 10 professional version 1607 build 14393.969 64 bit
       #90

    Where are DM and PS script results?
    Please post share links.

    List any of these software:
    antivirus
    firewall
    drive encryption

    Run these commands using ACP:

    Code:
    Dism /Online /Get-Drivers > "%userprofile%\Desktop\driver.txt
    Code:
    findstr /c:"CONX" C:\$Windows.~BT\Sources\Panther\setupact.log  >"%userprofile%\Desktop\Setupactdetails.txt"
    Code:
    WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName
    post results from ACP and share links from the desktop


    setupdiag: https://docs.microsoft.com/en-us/win...rade/setupdiag


    Download and install Farbar > post share links for Frst.txt and Addition.txt
    Downloading Farbar Recovery Scan Tool

    Run the program by double-clicking.
    When the program starts, click Yes to agree with a warning.
    Ensure that Optional Scan is checked "List BCD" , "Driver MD5" and"Addition.txt".
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 07:54.
Find Us




Windows 10 Forums