Powershell to collect info for BSOD

Discussion in 'Windows 10 Blue Screen of Death (BSOD)' started by Neemobeer, Jan 5, 2016.

Thread Status:
Not open for further replies.
  1. Neemobeer

    Neemobeer Windows Forum Team
    Staff Member

    Joined:
    Jul 4, 2015
    Messages:
    2,400
    Likes Received:
    362
    Here is a powershell script that collects roughly the same info for BSOD analysis. Simply run it from an elevated powershell prompt. It creates a folder on the desktop called SYSTEMREPORT and a SYSTEMREPORT.zip. It will also prompt you and enable crash dumps if you don't have them enabled.

    It will clean them up on any re-run of the script.

    Code:
    $CollectDir = "$env:USERPROFILE\Desktop\SYSTEMREPORT"
    $DumpPath = "HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl"
    
    Function Get-DumpSettings([String]$Path)
    {
        #Check that crash dump is enabled
        $crash = [int](Get-ItemProperty -Path $Path).CrashDumpEnabled
        If( $crash -ge 1 )
        {
            $dump = [String](Get-ItemProperty -Path $Path).MinidumpDir
            If($dump.Contains('%'))
            {
                "Enviroment variable detected, expanding..."
                $dump = $ExecutionContext.InvokeCommand.ExpandString($dump)
            }
            $dump
        } Else
        {
            #Prompt to enable crash dumps
            Write-Host "Crash Dump is not enabled" -ForegroundColor Red
            $input = Read-Host "Enable Small Memory Dump (Recommended)? [Y/N]"
            If($input.ToString().ToLower() -eq "y")
            {
                "Enabling Crash Dumps"
                Set-ItemProperty -Path $DumpPath -Name "CrashDumpEnabled" -Value 3
                "Run again when you have another BSOD"
                Exit
            } Else
            { Exit }
        }
    }
    
    Function Create-Archive([String]$DumpLocation)
    {
        If(Test-Path -Path $CollectDir)
        {
            Remove-Item -Path $CollectDir -Force -Recurse
        }
     
        #Gather system information for troubleshooting
        New-Item -Path $CollectDir -ItemType Directory
        msinfo32 /nfo $CollectDir\MSINFO32.nfo
        Get-Content "C:\Windows\System32\drivers\etc\hosts" > $CollectDir\Hosts.txt
        Get-WindowsDriver -Online -All > $CollectDir\DriverList.txt
        dxdiag /t $CollectDir\Dxdiag.txt
        systeminfo > $CollectDir\SystemInfo.txt
        Get-EventLog -LogName Application -Newest 50 | FT -AutoSize | Out-String -Width 500 > $CollectDir\EventApplication.log
        Get-EventLog -LogName System -Newest 50 | FT -Wrap -AutoSize > $CollectDir\EventSystem.log
        Get-WindowsUpdateLog -LogPath $CollectDir\WindowsUpdate.Log
    
        #Copy DMP files to collection directory
        $DumpLocation
        If(Test-Path -Path $DumpLocation)
        {
            $dmp = Get-ChildItem -Path $DumpLocation -Filter "*.dmp"
            ForEach ($d In $dmp)
            {
                $d.FullName
                Copy-Item -Path $d.FullName -Force -Destination $CollectDir
            }
        }
    
        #Create Archive
        Add-Type -Assembly "system.io.compression.filesystem"
        $zip = "$CollectDir.zip"
        If(Test-Path -Path $zip) { Remove-Item -Path $zip -Force }
        [io.compression.zipfile]::CreateFromDirectory($CollectDir,$zip)
    }
    
    $dumpdir = Get-DumpSettings -Path $DumpPath
    Create-Archive -DumpLocation $dumpdir
     
    kemical likes this.
  2. kemical

    kemical Windows Forum Admin
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    Aug 28, 2007
    Messages:
    31,816
    Likes Received:
    1,563
    Nice post Neemobeer! I'll move it if you don't mind to the BSOD section.
     
  3. kemical

    kemical Windows Forum Admin
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    Aug 28, 2007
    Messages:
    31,816
    Likes Received:
    1,563
    Please use the above thread to collect information which you can then add to your thread in the form of a zip file.
     
Thread Status:
Not open for further replies.

Share This Page

Loading...