@marvinlehmann
Last active March 28, 2019 10:18
# 2018-06-06 : Marvin Lehmann (marvinlehmann)
## Self elevation code
# Source: https://stackoverflow.com/questions/7690994/powershell-running-a-command-as-administrator
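# Self-elevation: when the current token is not in the built-in Administrators
# role, relaunch this script in an elevated PowerShell and end this instance.
$myWindowsID = [System.Security.Principal.WindowsIdentity]::GetCurrent();
$myWindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($myWindowsID);
# Security principal role to test against
$adminRole = [System.Security.Principal.WindowsBuiltInRole]::Administrator;
if (-not $myWindowsPrincipal.IsInRole($adminRole)) {
    # Hand the script path to the elevated process with -File instead of building
    # a "& '<path>'" command string. A command string is parsed as PowerShell code,
    # so an apostrophe in a folder or file name would end the quoted string early
    # and the remainder of the path would run as commands with administrator
    # rights. -File treats the value purely as a path, and Windows file names
    # cannot contain a double quote, so the quoting below cannot be broken out of.
    $arguments = '-File "' + $PSCommandPath + '"';
    # -Verb runAs requests elevation (UAC prompt).
    Start-Process powershell -Verb runAs -ArgumentList $arguments;
    Exit;
}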
## Real Script Logic
# Work from the folder that holds this script, so the relative output
# folder created below ends up next to the script.
Set-Location -Path $PSScriptRoot;
# The output folder is named FH3_<date>_<time>. Everything the script collects
# (memory dumps, event log entries, service list) is written into it, so treat
# the folder as sensitive and review it before sharing.
$timestamp = Get-Date -UFormat "%Y-%m-%d_%H-%M-%S";
$outputDir = "FH3_" + $timestamp;
$null = New-Item -ItemType directory -Path $outputDir;
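# Copy the most recent minidump from %windir%\Minidump, if there is one.
# NOTE: a minidump can contain memory contents of the crashed system; review
# it before passing the output folder on.
$minidumpDir = "$env:windir\Minidump"
Write-Output "Copying latest minidump - probably from another process ($minidumpDir)...";
# -File skips subdirectories, and -ErrorAction SilentlyContinue keeps a missing
# folder from printing an error ahead of the "No minidump available." message.
# Sort on LastWriteTime: LastAccessTime changes when a file is merely read
# (for example by an earlier run of this script), so it can rank an old dump
# above the newest one.
$minidump = Get-ChildItem -Path $minidumpDir -File -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 1;
if ($minidump) {
    # -LiteralPath: the name comes from the file system and must not be
    # re-interpreted as a wildcard pattern.
    Copy-Item -LiteralPath $minidump.FullName -Destination $outputDir -Verbose;
} else {
    Write-Output "No minidump available."
}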
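# Copy the most recent live kernel dump from
# %windir%\LiveKernelReports\WATCHDOG, if there is one.
# NOTE: a kernel dump can contain memory contents of the running system;
# review it before passing the output folder on.
$livekernelreportsDir = "$env:windir\LiveKernelReports\WATCHDOG";
Write-Output "`r`nCopying latest live kernel dump - probably from another process ($livekernelreportsDir)...";
# -File skips subdirectories, and -ErrorAction SilentlyContinue keeps a missing
# folder from printing an error ahead of the "No live kernel dump available."
# message. Sort on LastWriteTime: LastAccessTime changes when a file is merely
# read, so it can rank an old dump above the newest one.
$livekerneldump = Get-ChildItem -Path $livekernelreportsDir -File -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 1;
if ($livekerneldump) {
    # -LiteralPath: the name comes from the file system and must not be
    # re-interpreted as a wildcard pattern.
    Copy-Item -LiteralPath $livekerneldump.FullName -Destination $outputDir -Verbose;
} else {
    Write-Output "No live kernel dump available."
}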
# Copy every user-mode crash dump of the FH3 executable from
# %LOCALAPPDATA%\CrashDumps. The value below is a wildcard pattern, not a folder.
$crashdumpsPattern = "$env:LOCALAPPDATA\CrashDumps\forza_x64_release_final.exe.*.dmp";
Write-Output "`r`nCopying all FH3 crash dumps ($crashdumpsPattern)...";
$fh3Dumps = Get-Item -Path $crashdumpsPattern;
if ($fh3Dumps.Count -le 0) {
    Write-Output "No FH3 crash dumps available."
} else {
    # All matches are copied, not only the newest one.
    $dumpPaths = $fh3Dumps.FullName;
    Copy-Item -Path $dumpPaths -Destination $outputDir -Verbose;
}
# Have dxdiag write its text report into the output folder and wait until
# it has finished. $outputDir is a relative name, so the report path is relative too.
Write-Output "`r`nSaving dxdiag...";
$dxdiagArgs = "/t $outputDir/dxdiag.txt";
Start-Process -FilePath "dxdiag.exe" -ArgumentList $dxdiagArgs -Wait;
# Have msinfo32 save a system information (.nfo) report into the output
# folder and wait until it has finished.
Write-Output "`r`nSaving msinfo32 report...";
$msinfoArgs = "/nfo $outputDir/msinfo32.nfo";
Start-Process -FilePath "msinfo32.exe" -ArgumentList $msinfoArgs -Wait;
# Save the game's CrashReport.xml from the app package's scratch folder.
# The package folder name is matched with a wildcard (Microsoft.OpusPG_*).
$crashReportFile = Get-Item "$env:LOCALAPPDATA\Packages\Microsoft.OpusPG_*\TempState\scratch\CrashReport.xml";
Write-Output "`r`nCopying CrashReport.xml ($crashReportFile)...";
if (-not $crashReportFile.Exists) {
    Write-Output "No CrashReport.xml available."
} else {
    # The content is read and written back out as text rather than copied
    # byte for byte, so the saved file may use a different encoding.
    Get-Content $crashReportFile | Out-File "$outputDir\CrashReport.xml";
}
# Save the game's UserConfigSelections file from the app package's connected
# storage folder, adding an .xml extension to the saved copy.
$gameConfigFile = Get-Item "$env:LOCALAPPDATA\Packages\Microsoft.OpusPG_*\TempState\scratch\User_PCLocalStorageDirectory\ConnectedStorage\ForzaUserConfigSelections\UserConfigSelections";
Write-Output "`r`nCopying game config ($gameConfigFile)...";
if (-not $gameConfigFile.Exists) {
    Write-Output "No game config available."
} else {
    # The content is read and written back out as text rather than copied
    # byte for byte, so the saved file may use a different encoding.
    Get-Content $gameConfigFile | Out-File "$outputDir\UserConfigSelections.xml";
}
# Export matching event log entries as a formatted list.
# The structured query selects Application events whose EventData names the
# FH3 executable, and System events from the "Display" provider.
Write-Output "`r`nCollecting events...";
$eventFilterXml = @"
<QueryList>
<Query>
<Select Path="Application">*[EventData[Data='forza_x64_release_final.exe']]</Select>
<Select Path="System">*[System[Provider[@Name='Display']]]</Select>
</Query>
</QueryList>
"@;
Get-WinEvent -FilterXml $eventFilterXml |
    Format-List |
    Out-File "$outputDir\EventLog.txt";
# Copy the archived Windows Error Reporting folders for the game's package
# (AppCrash_Microsoft.OpusPG_*), including their contents.
Write-Output "`r`nCollecting app crash reports...";
$werArchivePattern = "C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.OpusPG_*";
$werArchives = Get-Item -Path $werArchivePattern
# Nothing is printed when there are no archived reports.
if ($werArchives.Count -gt 0) {
    Copy-Item -Path $werArchives -Destination $outputDir -Recurse -Container
}
# Write BIOS, mainboard and service information into Extras.txt.
# The first query creates or overwrites the file, the other two append to it.
# NOTE: the Win32_Service output lists the services present on this machine;
# review it before sharing.
Write-Output "`r`nCollecting additional information (bios, mainboard, services)...";
$extrasFile = "$outputDir\Extras.txt";
Get-CimInstance -ClassName Win32_BIOS | Out-File $extrasFile;
Get-CimInstance -ClassName Win32_BaseBoard |
    Select-Object Manufacturer, Product |
    Out-File $extrasFile -Append;
Get-CimInstance -ClassName Win32_Service | Out-File $extrasFile -Append;
# Keep the window open until a key is pressed.
# ReadKey throws NotImplementedException in PowerShell ISE.
Write-Output "`r`nDone!";
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown");
# Discard any further keystrokes that are still waiting in the input buffer.
$Host.UI.RawUI.FlushInputBuffer();