Need troubleshooting advise upgrading windows 10

Hello there，

The Upgrade Assistant or Media Creation Tool do not work with Windows 10 Enterprise.

Windows 10 Enterprise can only be upgraded by downloading the latest version through the Volume License Service Center then performing a manual upgrade; or upgrading through Windows Update.
https://www.microsoft.com/Licensing/servicecenter/default.aspx

I suggest you to back up all important files then perform a clean installation through the ISO file.

You may find further information in similar cases:
“Update Windows 10 Enterprise to latest Version”
https://social.technet.microsoft.com/Forums/en-US/82465fda-ed89-41ca-960f-1080cd62dbea/update-windows-10-enterprise-to-latest-version

“I have Windows 10 Enterprise, but the new Updater tool says I don't”
https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install-winpc/i-have-windows-10-enterprise-but-the-new-updater/905b67c1-1c5c-4000-af7f-4fedfd2c1fe7

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.

Best Regards,
Samson Peng

Hi Guys ,

Really appreciate the response I've received from both Doc-4663 and SamsonPeng-MSFT , I'm going to try these steps over the next few days and will update you on my progress.

Again a big big Thank - you at least I have a way forward now!

Will update ASAP

Hi Doc-4663

Ok so I have done the following :

1.Decrypted the drive on 2 machines
2.Removed all McAfee product's using their product removal tool , which has removed the antivirus and firewall as well as the agent.

With regards to this error : 0xC1900101-20017 , I have updated all the drivers in the device manager , if I may ask what is the best way to identify the driver causing the issue other then the steps I've taken in my first post ?

3.I have run through all your troubleshooting steps 1-12 , the logs are below.

XX-170390 - 1st Machine

---

Microsoft Windows [Version 10.0.17763.1935]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\windows\system32>sfc/scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

C:\windows\system32>dism /online /cleanup-image /scanhealth

Deployment Image Servicing and Management tool
Version: 10.0.17763.1697

Image Version: 10.0.17763.1935

[==========================100.0%==========================] No component store corruption detected.
The operation completed successfully.

C:\windows\system32>dism /online /cleanup-image /restorehealth

Deployment Image Servicing and Management tool
Version: 10.0.17763.1697

Image Version: 10.0.17763.1935

[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.

C:\windows\system32>sfc/scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\windows\system32>chkdsk /scan
The type of the file system is NTFS.
Volume label is Windows.

Stage 1: Examining basic file system structure ...
1029888 file records processed.
File verification completed.
20888 large file records processed.
0 bad file records processed.

Stage 2: Examining file name linkage ...
197 reparse records processed.
1208676 index entries processed.
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered to lost and found.
197 reparse records processed.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
89395 data files processed.
CHKDSK is verifying Usn Journal...
38956232 USN bytes processed.
Usn Journal verification completed.

Windows has scanned the file system and found no problems.
No further action is required.

226326527 KB total disk space.
51966368 KB in 402147 files.
278024 KB in 89396 indexes.
0 KB in bad sectors.
1149707 KB in use by the system.
65536 KB occupied by the log file.
172932428 KB available on disk.

  4096 bytes in each allocation unit.

56581631 total allocation units on disk.
43233107 allocation units available on disk.

C:\windows\system32>wmic recoveros set autoreboot = false
Updating property(s) of '\XX-170390\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Enterprise|C:\windows|\Device\Harddisk0\Partition2"'
Property(s) update successful.

C:\windows\system32>wmic recoveros set DebugInfoType = 7
Updating property(s) of '\XX-170390\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Enterprise|C:\windows|\Device\Harddisk0\Partition2"'
Property(s) update successful.

C:\windows\system32>wmic recoveros get autoreboot
AutoReboot
FALSE

C:\windows\system32>wmic recoveros get DebugInfoType
DebugInfoType
7

C:\windows\system32>wmic Computersystem where name="%computername%" set AutomaticManagedPagefile=^Z

C:\windows\system32>wmic Computersystem where name="XX-170390" set AutomaticManagedPagefile=True
Updating property(s) of '\XX-170390\ROOT\CIMV2:Win32_ComputerSystem.Name="XX-170390"'
Property(s) update successful.

C:\windows\system32>wmic Computersystem where name="XX-170390" get AutomaticManagedPagefile
AutomaticManagedPagefile
TRUE

C:\windows\system32>bcdedit /enum {badmemory}

RAM Defects

identifier {badmemory}

C:\windows\system32>

---

XX-180807X - 2nd Machine

---

Microsoft Windows [Version 10.0.17763.1935]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

C:\windows\system32>dism /online /cleanup-image /scanhealth

Deployment Image Servicing and Management tool
Version: 10.0.17763.1697

Image Version: 10.0.17763.1935

[==========================100.0%==========================] No component store corruption detected.
The operation completed successfully.

C:\windows\system32>dism /online /cleanup-image /restorehealth

Deployment Image Servicing and Management tool
Version: 10.0.17763.1697

Image Version: 10.0.17763.1935

[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.

C:\windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\windows\system32>chkdsk /scan
The type of the file system is NTFS.
Volume label is Windows.

Stage 1: Examining basic file system structure ...
826880 file records processed.
File verification completed.
27436 large file records processed.
0 bad file records processed.

Stage 2: Examining file name linkage ...
476 reparse records processed.
1038116 index entries processed.
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered to lost and found.
476 reparse records processed.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
105619 data files processed.
CHKDSK is verifying Usn Journal...
37172008 USN bytes processed.
Usn Journal verification completed.

Windows has scanned the file system and found no problems.
No further action is required.

231577599 KB total disk space.
63700524 KB in 364104 files.
267312 KB in 105620 indexes.
0 KB in bad sectors.
949195 KB in use by the system.
65536 KB occupied by the log file.
166660568 KB available on disk.

  4096 bytes in each allocation unit.

57894399 total allocation units on disk.
41665142 allocation units available on disk.

C:\windows\system32>wmic recoveros set autoreboot = false
Updating property(s) of '\XX-180807X\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Enterprise|C:\windows|\Device\Harddisk0\Partition2"'
Property(s) update successful.

C:\windows\system32>wmic recoveros set DebugInfoType = 7
Updating property(s) of '\XX-180807X\ROOT\CIMV2:Win32_OSRecoveryConfiguration.Name="Microsoft Windows 10 Enterprise|C:\windows|\Device\Harddisk0\Partition2"'
Property(s) update successful.

C:\windows\system32>wmic recoveros get autoreboot
AutoReboot
FALSE

C:\windows\system32>wmic recoveros get DebugInfoType
DebugInfoType
7

C:\windows\system32>wmic Computersystem where name="XX-180807X" set AutomaticManagedPagefile=True
Updating property(s) of '\XX-180807X\ROOT\CIMV2:Win32_ComputerSystem.Name="XX-180807X"'
Property(s) update successful.

C:\windows\system32>wmic Computersystem where name="XX-180807X" get AutomaticManagedPagefile
AutomaticManagedPagefile
TRUE

C:\windows\system32>bcdedit /enum {badmemory}

RAM Defects

identifier {badmemory}

C:\windows\system32>

---

I'm currently redeploying the 2004 ISO now to these 2 machines , and will update you further on my progress.

Thank - you

First scannow: Windows Resource Protection found corrupt files and successfully repaired them.

Second scannow: Windows Resource Protection did not find any integrity violations.

The above results were the same for a second computer.

One of the links that SamsonPeng-MSFT posted was dated 5/9/17.

"The Upgrade Assistant or Media Creation Tool do not work with Windows 10 Enterprise."

Then troubleshooting steps for a driver would not be fruitful if that is correct in 2021.

If the setupdiag reported error 20017 is only a problematic driver then logs collectors can be run for troubleshooting.

Open administrative command prompt (ACP) and type or copy and paste:

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

findstr /c:"CONX" C:\$Windows.~BT\Sources\Panther\setupact.log >"%userprofile%\Desktop\Setupactdetails.txt"

Find the new text files on the desktop and post share links into this thread.

Run:

https://www.tenforums.com/bsod-crashes-debugging/162488-batch-files-use-bsod-debugging-2.html#post2067853
Upgrade_failure_info.bat - Click here to go to the BSOD batch repository to download and run this batch file.
https://www.windowsq.com/resources/batch-scripts.14/

V2:
https://www.windowsq.com/resources/v2-log-collector.8/
https://www.tenforums.com/bsod-crashes-debugging/2198-bsod-posting-instructions.html

LOGS PS1 (This script was created by Microsoft Technet script guys)

Copy and paste into administrative Powershell > keyboard click enter > pop up click OK (it takes typically < 20 minutes to run) > post a share link using one drive, drop box, or google drive

function wh   
    {  
        Param ( [parameter (Mandatory = $true)][string]$txt )  
        Write-Host $txt -ForegroundColor Green -BackgroundColor Black -NoNewline  
        ##Example usage wh "Alias for `n Write-Host"  

    } ## End function wh  


function StartScript   
    {  
        ##Locating Temp Dir and writing Transcript  
        $global:tempDir = [System.IO.Path]::GetTempPath()   
        MD $tempDir\LOGS -EA SilentlyContinue   
        CD $tempDir\LOGS  
        $txtCount = Get-Item $tempDir/LOGS/*.TXT -EA SilentlyContinue  
        if((Get-Host).Version.Major -cge 5) ##WIN7 Not Supported  
            {  
                if($txtCount.Count -cge 1)   
                {Start-Transcript -Append -Path $tempDir/LOGS/Event-Search.TXT}   
                Else{Start-Transcript -Path $tempDir\LOGS\Event-Search.TXT}   
            }  

        $global:explore = $tempDir + "LOGS\"  
        $global:Ver = "1.6.3"  
        wh "`nLog Collection... (V$Ver)`n"  

        #clearing previous actions  
        Stop-Job *  

        #Initialize CheckBox Vars to $True/$False  
            $Global:EventsCollect = $true; $Global:SetupDiagCollect = $true  
                $Global:UpdatesCollect = $true; $Global:WLANCollect = $true  
                    $Global:PowerCollect = $true; $Global:GPCollect = $true  
                        $Global:miscCollect = $true; $Global:bingCollect = $true  
                            $Global:eventOut = $false        
        #Clear Jobs  
        Stop-Job *  
        Remove-Job *  

    } ## End function Start-Script  


function SetupDiagFunc  
    {  
        wh "`n Grabbing SetupDiag.exe ..."       
        Invoke-WebRequest https://go.microsoft.com/fwlink/?linkid=870142 -OutFile $tempDir\SetupDiag.exe -TimeoutSec 3 -UseBasicParsing  
            #check for successful download  
            if((Get-Item $tempDir\SetupDiag.exe).length -gt 100000)  
                {  
                  wh "`nSuccessful DL!"  
                  wh "`n Invoking SetupDiag.exe ..."  
                  $SetupDiag = {CMD.EXE /C "%temp%\setupdiag.exe /Verbose /Output:%temp%\SetupDiag-Log.txt"}  

                  ## Kick-Off SetupDiagJob  
                  Start-Job -Name SetupDiagJob -ScriptBlock $SetupDiag                     

                }Else{Write-Host "`nDownload of SetupDiag.exe Failed!" -BackgroundColor RED }  

    } ## End Function SetupDiagFunc  


function EventSearch  
    {  
    wh "`n Starting EventSearch Job-Function ...`n"  
    ## Gathering Events from System using Get-WinEvent via Job  
    $EventSearchJob =   
        {  
        $evtPaths = Get-Item C:\Windows\System32\Winevt\Logs\*.evtx -Exclude "*PowerShell*",   
            "*known folders*" | Select-Object FullName  
        $i = $evtPaths.Count  

        $x = 0 ##For 1st Loop do Until x = i  
        $events = @()  
        $gatherEvents = @()  
        $eventsArray = @()  
        $searchResult = @()  
        $MaxEvents = 99  

        #Loading/Gathering Events Loop...  
        do {  

            ##Getting Events w/ Get-WinEvent         
            $gatherEvents = Get-WinEvent -Path $evtPaths[$x].FullName -MaxEvents $MaxEvents -EA SilentlyContinue  
            $events = $events + $gatherEvents             

            $x++  

            }  
             Until ($x -eq $i)      

        $x = $x +1 ##Total Events Found!  

        $eventsLength = $events.Length ##Total events catalogged!  

        $xx = 0  

        # Write Event Properties to a row and roll it out - Collapsing Array ...   
        do {  
               $date = $events[$xx].TimeCreated | Get-Date -Format "yyyyMMdd".ToString() -EA SilentlyContinue ##EA SC for Blank Entries  

                $eventRow = new-object PSObject -Property @{  
                Date = $date;  
                Id = $events[$xx].Id;  
                Level = $events[$xx].LevelDisplayName;  
                Provider = $events[$xx].ProviderName;  
               Message = $events[$xx].Message;  
                }  

                $cRow = $date + " " + "ID:" +  $events[$xx].Id + " " + "Level:" + $events[$xx].LevelDisplayName + " " + "Provider:" + $events[$xx].ProviderName + " " + "Message:" + $events[$xx].Message   
                $eventsArray += $cRow  

                $xx++  
                $d++  
        }  
        Until ($xx -eq $events.Length)  

        ##Looking for patterns error or fail in $eventsArray  
        $search = $eventsArray | Select-String -pattern ("error|fail") 

        Return $search ## | Write-Output ##Output for job  

        } ## End $EventSearchJob  

    Start-Job -Name EventSearchJob -ScriptBlock $EventSearchJob  

    } ## End function Event-Search  


function writeSearch  ##   
    {  
        ##Event Logs Cont.  
        MD $tempDir\LOGS\EVTX\ -EA SilentlyContinue 

        ##output to file  
        $search | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name -Wrap > TOP-ERRORS.TXT  
        $search > $tempDir\LOGS\SEARCH.TXT  

    if($Global:eventOut -eq $True)  
        {  
        $search | Group-Object | Sort-Object Count -Descending |   
            Select-Object -Property Count, Name | Out-GridView -Title "Top `"Errors`" via EVTX - V-$Ver"  
        }  

        wh "`n Collecting Matching EVTX Entries ...`n"     
        #Collecting all prev matching EVTX  
        #$evtx = Get-ChildItem C:\Windows\System32\Winevt\Logs\*.evtx  
        $evv = 0  

           $providerName =   
               (($search | Select-String "Provider:.*Message:").Matches.Value -Replace   
                      " Message:", "" -Replace "Provider:", "" | Group-Object ).Name  

            #Converting Provider Name to Log Name                 
            $providerName = (($providerName | ForEach-Object {Get-WinEvent -ProviderName $_ -MaxEvents 1 -EA SilentlyContinue}).LogName | Group-Object).Name     
               $providerName = $providerName -replace "Microsoft.", ""  
                  $providerName = $providerName -replace "Windows.", ""  
                     $providerName = $providerName -replace "`/.*$", ""  


                         $evtx = $providerName | foreach{Get-ChildItem "C:\Windows\System32\winevt\logs\*$_*"}  

                Do{  
                    COPY $evtx[$evv].PSPath $tempDir\LOGS\EVTX\ 
                       $evv++  
                  }  
                  Until($evv -eq $evtx.Count)  

    } #End function writeSearch  


function GetUpdates  
    {  
        wh "`n Starting Get-WindowsUpdateLog Job-Function ...`n"  
        $updateJob = {get-WindowsUpdateLog}  

        if((Get-Host).Version.Major -cge 5) ##Modern Gatherer  
        {  
            Start-Job -Name GetUpdates -ScriptBlock $updateJob  
        }  

        ##Legacy Gatherer  
        CP C:\Windows\WindowsUpdate.log $tempDir\LOGS\WindowsUpdate.log  

        ##Installed-Updates/Packages 
        Get-WmiObject win32_quickfixengineering > $tempDir\LOGS\Installed_Updates.TXT  
        Get-WmiObject Win32_OperatingSystemQFE >> $tempDir\LOGS\Installed_Updates.TXT  
    DISM /Online /Get-Packages /Format:Table >> $tempDir\LOGS\Installed_Updates.TXT 

    } ## End function Get-Updates  


function PrinterCheck  
    {  
        wh "`n Getting Printer Information ..."  
        get-printer | ft Name, ComputerName, Type, DriverName, PortName, Datatype, Location, DriverName > $tempDir\LOGS\Printers.TXT  
        get-printerDriver | fl >> $tempDir\LOGS\Printers.TXT  
        Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append  
        Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers" | Out-File $tempDir\LOGS\Printers.TXT -Append  
        Get-ChildItem -Recurse Registry::"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" | Out-File $tempDir\LOGS\Printers.TXT -Append  
        write-output "## CBS ntprint CHECK ##" >> $tempDir\LOGS\Printers.TXT  
        $cbsCheck = (Get-ChildItem C:\Windows\Logs\CBS\*cbs* -Recurse | select-string -Pattern "E_INVALIDARG in eventsXml.*Microsoft-Windows-PrintService")  
        if($cbsCheck.Count -eq 0){Write-Output "## NO MATCHES IN CBS ##" >> $tempDir\LOGS\Printers.TXT} Else{$cbsCheck | Group-Object  >> $tempDir\LOGS\Printers.TXT}  
        write-output "## ntprint.dll CHECK ##" >> $tempDir\LOGS\Printers.TXT  
        (Get-ChildItem C:\Windows\System32\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT  
        (Get-ChildItem C:\Windows\SysWOW64\ntprint.dll).VersionInfo | ft -AutoSize >> $tempDir\LOGS\Printers.TXT  

    } ## End function PrinterCheck  


function UpdateHelper  
    {  
    if((Get-Host).Version.Major -cge 5)  
        {  
            $winupdatelog = get-item $tempDir\LOGS\windows-update.log    ##WIN-10 File  
            MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue | Out-Null  
            CP C:\Windows\Logs\WindowsUpdate\*.etl $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue  
        }  
            Else{$winupdatelog = get-item $tempDir\LOGS\windowsupdate.log} ##LEGACY File  

    $updateError = ($winupdatelog | select-string -pattern "error.*0x........");  
    $updateErrorSplit = $updateError -Split " "  
    $updateErrorCount = (($updateErrorSplit | select-string -pattern "0x........") -Replace "[(),'`.:]", "" -Replace "hr=", "");  

    $updateErrorCount | Group-Object | Sort-Object Count -Descending | Format-Table Count, Name | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT -Width 999  
    $updateError >> UPDATE-ERRORS.TXT  
    if($updateError.length -eq 0){"No `"error.*0x........`" patterns Found in Windows-Update.log" | Out-File $tempDir\LOGS\UPDATE-ERRORS.TXT}  

    ($winupdatelog | Select-String "KB\d\d\d\d\d\d\d" | Select-string "fail") | Out-file $tempDir\LOGS\UPDATE-ERRORS.TXT -Append -width 999  

    } ## End function UpdateHelper  


function getProcesses  
    {  
    wh "`nGetting Active Process ...`n"   
    Get-Process > $tempDir\LOGS\Running-Processes.TXT  
    CMD.EXE /C "tasklist /svc" | Out-File -Append  $tempDir\LOGS\Running-Processes.TXT  

    } ## End function getProcesses  


function GetApps  
    {  
    wh "`n Getting List of Installed Apps...`n"  
    Get-WmiObject -Class Win32_Product | Format-Table -Property Name, Version, Vendor > $tempDir\LOGS\Installed-Apps.TXT  
    Get-AppxPackage | ft Name, Version, InstallLocation, IspArtiallyStaged, SignatureKind, Status >> $tempDir\LOGS\Installed-Apps.TXT  

    } ## End function GetApps  


function SetupLogs  
    {  
    wh "`nGetting Windows Setup Logs Independent of SetupDiage.exe...`n"  
        MD $tempDir\LOGS\SETUP\ -EA SilentlyContinue  
    dir C:\ > $tempDir\LOGS\Dir_Structure.txt  

    ## Main Setup Collection  
    if($env:SystemDrive -eq 'C:') ##Verify SystemDrive  
    {  
        $SetupPaths = @()  

        $locations = @(  
            'C:\GetCurrent',  
            'C:\$Reset',  
            'C:\$SysReset',  
            'C:\$Windows.~BT',  
            'C:\$Windows.~WS',  
            'C:\Windows\Logs\',  
            'C:\Windows\Panther\',  
            'C:\Windows\inf\',  
            'C:\Windows\System32\LogFiles\',  
            'C:\Windows\System32\SysPrep\',  
            'C:\Windows10Upgrade',  
            'C:\Windows.old\Windows\Panther')  

        for($i = 0; $locations.count -gt $i; $i++)  
        {   
            if((get-item $locations[$i] -Force -EA SilentlyContinue).length -gt 0) ##Null Path Check -Force for Hidden  
            {  
                CD $locations[$i]  
                ##Search includes setuperr/setupact only  
                $SetupPaths += Get-ChildItem * -Force -Recurse -Include setuperr.log, setupact.log, miglog.xml, *APPRAISER_Humanreadable.xml -EA SilentlyContinue      
            }  
        }  

        $cleanPaths = @()  

        for($i = 0; $SetupPaths.count -gt $i; $i++)  
        {  
            $cleanPaths += $SetupPaths[$i].PSParentPath.ToString() -replace "Microsoft\.PowerShell\.Core\\FileSystem\:\:C\:\\", ""  
        }  

        CD $tempDir\LOGS\SETUP\  
        MD $cleanPaths -Force  
        CD $tempDir\LOGS\  

        for($i = 0; $SetupPaths.count -gt $i; $i++)  
        {  
            $destPath = "$tempDir\LOGS\SETUP\" + $cleanPaths[$i]  
            $copyPathLog = ($SetupPaths[$i].ToString())  

            Copy  $copyPathLog -Destination $destPath  
        }  

    }Else{Write-Host "`nSystem Drive is not C:... Setup Collection Aborted!`n"}  
    ## End Main Setup Collection  


        ## Setup Reg Output      
        Get-ChildItem HKLM:\SYSTEM\SETUP\ | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT  
        Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\Me* -recurse -EA SilentlyContinue | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append  
        Get-Childitem HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate | Out-File $tempDir\LOGS\SETUP\HKLM_SYSTEM_SETUP-OOBE.TXT -Append  

        ## SetupAct String Search  



         $setupRegx = @("MOUPG SetupHost..Initialize:",  
                        "============================",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Initialize. CmdLine"),  
                        "",  
                        "MOUPG Setup build & Host OS Build:",  
                        "==================================",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG  SetupHost..Setup build"),  
                        "...",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MOUPG      Host OS"),  
                        "",  
                        "Watson Parameters (4&5):",  
                        "=======================",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Watson Bucketing Parameters\[[4-5]\]" ),  
                        "",  
                        "\[0x........\]Error:",  
                        "==================",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "\[0x........\]\[0x.....\]"),  
                        "",  
                        "`"FATAL`":",  
                        "======",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "FATAL" | Select-String -NotMatch "FatalExecutionEngineError" | Select-String -NotMatch "non-fatal"),  
                        "",  
                        "`"Error   `":",  
                        "===========",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "Error   "),  
                        "",  
                        "MIGRATE.*DATA:",  
                        "==============",  
                        "",  
                        (Get-ChildItem $tempDir\LOGS\*setupact.log -Recurse | Select-String "MIGRATE.*DATA"),  
                        ""             
                        )  
            $q=0  
            Do {$setupRegx[$q] | Out-File $tempDir\LOGS\SETUP\SetupAct-Regex.TXT -Append -Width 999 ##spool out results  
                                  $q++                    
                                            }Until($q -eq $setupRegx.Count)  

    } ## End function SetupLogs  


function powerCFGInfo  
    {  
    MD $tempDir\LOGS\POWER\ -EA SilentlyContinue  | Out-Null  
    wh "`n Grabbing PowerCFG, Sleep & Battery Info ...`n"  

    ("`n" + "Available Sleep States (/A): `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    powercfg /a | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  

    ("`n" + "-DeviceQuery Wake_Armed: `r" + "`n" +"========================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    powercfg -devicequery wake_armed  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  

    ("`n" + "Last Wake (-lastwake):  `r" + "`n" +"=====================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    powercfg -lastwake  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  

    ("`n" + "-Requests: `r" + "`n" +"==========`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    powercfg -requests  | Out-file -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  

    $powerList = powercfg -list  
    $powerList | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    $powerActive = $powerList | select-string "\*" | powercfg /QH "$_"   
    ("`n`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  

    ("`n" + "Active Power Scheme Details: `r" + "`n" +"============================`r" + "`r").ToString() | Out-File -Append -Encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  
    $powerActive | Out-File -Append -encoding ascii $tempDir\LOGS\POWER\POWERCFG_INFO.txt  


    if((Get-Host).Version.Major -cge 5) ##WIN7 Does not Support powercfg /battery /sleepstudy  
         {   
           $ifbattery = Get-WmiObject win32_battery  
           if ( $ifbattery.__SERVER.count -cge 1 ) { CMD.EXE /C "powercfg /batteryreport /output %temp%\LOGS\POWER\battery-report.html" }  
           CMD.EXE /C "powercfg /sleepstudy /output %temp%\LOGS\POWER\sleepstudy-report.html"  
         }  
           CMD.EXE /C "powercfg /ENERGY /duration 10 /output %temp%\LOGS\POWER\energy-report.html"         

    } ## End function powerCFGInfo  


function sysProductCheck  
    {  
    wh "`n Getting SystemProductName ...`n"  
    ##SystemInformation Reg   
    reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\ /v SystemProductName  > $tempDir\LOGS\REG_SystemProductName.TXT   
    Get-WmiObject Win32_ComputerSystem > $tempDir\LOGS\WMI_Object_System.TXT  
    Get-WmiObject Win32_ComputerSystemProduct >> $tempDir\LOGS\WMI_Object_System.TXT  

    } ## End functions sysProductCheck  


function showWLAN  
    {  
    wh "Generating NETSH WLAN Report...`n"  

    $showWLANjob = {  
                    CMD.EXE /c "netsh wlan show networks mode=ssid > %temp%\LOGS\Network\wlan.txt"  
                    CMD.EXE /c "netsh wlan show networks mode=bssid >> %temp%\LOGS\Network\wlan.txt"  
                    CMD.EXE /c "netsh winhttp show proxy > %temp%\LOGS\Network\proxy.txt"  
                    CMD.EXE /c "netsh wlan show wlanreport & COPY C:\ProgramData\Microsoft\Windows\wlanReport\wlan-report-latest.html %temp%\LOGS\Network\wlan-report-latest.html"   
                    ##WIN7 Does not Support netsh wlanreport                                                    
                    }   

    Start-Job -Name showWLAN -ScriptBlock $showWLANjob  

    } ## End function sysProductCheck  


function getGPRESULT  
    {  
    wh "`nGetting GPRESULT...`n"  
    CMD.EXE /C "GPRESULT /V > %temp%\LOGS\GPRESULT.TXT"  

    } ## End function getGPRESULT  


function reservedCheck  
    {       

    $reservedJob =   
        {  
        $vol = (mountvol /L | select-string -Pattern "\\\\")  
        $volstring = "mountvol y:" + $vol[0]  
        CMD.EXE /C $volstring  

        SLEEP 2  

        CMD.EXE /C "CHKDSK y: > %temp%\LOGS\SystemReserved.TXT"  

        SLEEP 2 # Pause after drive dismount  

        CMD.EXE /C "mountvol y: /D"  
        }  

    Start-Job -Name reservedJob -ScriptBlock $reservedJob  

    } ## End function reservedCheck  


function fltmcCheck  
    {  
    wh "`n Getting fltmc Filters ...`n"  
    CMD.EXE /c "fltmc filters > %temp%\LOGS\fltmc_filters.TXT"  

    } ## End function fltmcCheck  


function getDXDiag  
    {  
    wh "`n Grabbing DXDiag Info...`n"  
    C:\Windows\System32\dxdiag /x $explore\DxDiag  

    } ## End function getDXDiag  


function getMSINFO  
    {  
    wh "`n Gathering MSINFO32 ...`n"  
    ## check if msinfo is already gathering - if so stop  
    If((get-process | select-string -Pattern "msinfo").Pattern -eq "msinfo")  
    {Stop-Process -ProcessName msinfo32}  

        C:\Windows\System32\msinfo32.exe /nfo $tempDir/LOGS/MSINFO32.NFO  

    } ## End function getMSINFO  


function getAV  
    {  
     if((Get-Host).Version.Major -cge 5) ##Modern OS Only  
        {  
        wh "`n Grab root\SecurityCenter2 AntivirusProduct ...`n"  
        $avPath = (Get-WmiObject -Namespace root\SecurityCenter2 -Class AntivirusProduct) | % {$_.pathtoSignedProductEXE}  
        "AV Info" + "`n========" | Out-File $tempDir/LOGS/SecurityProductInformation.TXT 
    $avPath | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append  
        if($avPath[0] -match "exe")  
            {   
                $path = (Get-Item $avPath[0]).PSParentPath  
                Get-Item $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append  
                Get-Content $path/*.ini | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append             
            }  
            Get-ChildItem "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\" -recurse -EA SilentlyContinue | Out-File $tempDir/LOGS/SecurityProductInformation.TXT -Append      
        }  
    } ## End function getAV  


function getDrivers  
    {  
    wh "`n Grabbing Driver listing via DISM.EXE ...`n"  
        $drivers = cmd.exe /C "dism /online /get-drivers /format:table"  
        $drivers += cmd.exe /C "dism /online /get-drivers /all /format:table"  
        $drivers | Out-File $tempDir/LOGS/DISM-Get-Drivers.TXT  
    wh "`n Done!`n"  
    } ## End Function getDrivers  


function getMISCLogs  
    {  
        wh "`nCopying misc. logs ...`n"   
        MD $tempDir\LOGS\WER\ -EA SilentlyContinue   
        MD $tempDir\LOGS\Windows\Logs\WindowsUpdate\ -EA SilentlyContinue  
        CP "C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\*" $tempDir\LOGS\WER\ -Recurse -EA SilentlyContinue  
        CP "C:\Windows\Logs\CBS\*cbs*" $tempDir\LOGS\Windows\Logs\  
        CP "C:\Windows\Logs\DISM\*dism*" $TempDir\LOGS\Windows\Logs\  
        CP "C:\Windows\Logs\WindowsUpdate\*" $TempDir\LOGS\Windows\Logs\WindowsUpdate\  


        #DMP Collect  
        $dmp = @()  
        $dmp += Get-ChildItem C:\Windows\*.dmp   
        $dmp += (Get-ChildItem C:\Windows\LiveKernelReports\*.dmp -Recurse -EA SilentlyContinue)  
        $dmp += (Get-ChildItem C:\Windows\Minidump\*.dmp -Recurse -EA SilentlyContinue)  
        #Validate empty array  
        if($dmp.length -ne 0)  
            {  
            $dd=0  
                  Do{       
                        If($dmp[$dd].length -lt 2000000)  
                            { $destPath = $dmp[$dd].PSParentPath.Replace('C:\', '').Replace('Microsoft.PowerShell.Core\FileSystem::', '')  
                                MD $destPath -EA SilentlyContinue 
                                    COPY -Path $dmp[$dd].PSPath -Destination $destPath }  
                        $dd++  
                    }  
                    Until($dd -eq $dmp.Count)  
            }  

         #disk info 
         "`nGet-Disk:`n=========" > $tempDir\LOGS\Disk-Info.TXT  
         Get-Disk |fl >> $tempDir\LOGS\Disk-Info.TXT 
         "`nGet-Partition:`n==============" >> $tempDir\LOGS\Disk-Info.TXT  
         Get-Partition >> $tempDir\LOGS\Disk-Info.TXT 
         Manage-bde -protectors -get C: >> $tempDir\LOGS\Disk-Info.TXT 
         "`nIO Fail Search:`n===============`n" >> $tempDir\LOGS\Disk-Info.TXT 
         $search | Select-String ".*io.fail.*" | Select-String -NotMatch '0, 0, 0, 0' >> $tempDir\LOGS\Disk-Info.TXT        

    } ## End function getMISCLogs  


function bingCollect  
    {  
        ##O365 Firewall Check & Bing.com diagnostics.asp  
        ##URIs based on Article:   
        ##https://support.office.com/en-us/article/Network-requests-in-Office-365-ProPlus-and-Mobile-eb73fcd1-ca88-4d02-a74b-2dd3a9f3364d  

        MD $TempDir\LOGS\Network\ -EA SilentlyContinue  

        wh "Performing Bing & O365 URI Check ... `n"  


              $bingCheck = (Invoke-WebRequest -Uri https://www.bing.com/fdv2/diagnostics.aspx -UseBasicParsing)   
              $bingCheck | Out-File $tempDir\LOGS\Network\O365-URL-Query.TXT  

              $URIs = @('api.login.microsoftonline.com',    #0  Standard Reply = 403  
              'api.passwordreset.microsoftonline.com',      #1  Standard Reply = 200  
              'becws.microsoftonline.com',                  #2  Standard Reply = 403  
              'clientconfig.microsoftonline-p.net',         #3  Standard Reply = 404  
              'companymanager.microsoftonline.com',         #4  Standard Reply = 403  
              'device.login.microsoftonline.com',           #5  Standard Reply = 200  
              'graph.microsoft.com',                        #6  Standard Reply = 404  
              'hip.microsoftonline-p.net',                  #7  Standard Reply = 404   
              'hipservice.microsoftonline.com',             #8  Standard Reply = 404  
              'login.microsoft.com',                        #9  Standard Reply = 200  
              'login.microsoftonline.com',                  #10 Standard Reply = 200  
              'logincert.microsoftonline.com',              #11 Standard Reply = 200   
              'loginex.microsoftonline.com',                #12 Standard Reply = 200  
              'login-us.microsoftonline.com',               #13 Standard Reply = 200  
              'login.microsoftonline-p.com',                #14 Standard Reply = 200  
              'login.windows.net',                          #15 Standard Reply = 200  
              'nexus.microsoftonline-p.com',                #16 Standard Reply = 403  
              'passwordreset.microsoftonline.com',          #17 Standard Reply = 200  
              'provisioningapi.microsoftonline.com',        #18 Standard Reply = 403  
              'stamp2.login.microsoftonline.com',           #19 Standard Reply = 200  
              'ccs.login.microsoftonline.com',              #20 Standard Reply = 401  
              'ccs-sdf.login.microsoftonline.com',          #21 Standard Reply = 401  
              'accounts.accesscontrol.windows.net',         #22 Standard Reply = 200  
              'secure.aadcdn.microsoftonline-p.com',        #23 Standard Reply = 400  
              'windows.net',                                #24 Standard Reply = 200  
              'phonefactor.net',                            #25 Standard Reply = 200  
              'account.activedirectory.windowsazure.com',   #26 Standard Reply = 404  
              'secure.aadcdn.microsoftonline-p.com',        #27 Standard Reply = 400  
              'login.windows.net',                          #28 Standard Reply = 200  
              'provisioningapi.microsoftonline.com',        #29 Standard Reply = 403  
              'mscrl.microsoft.com',                        #30 Standard Reply = 400  
              'secure.aadcdn.microsoftonline-p.com',        #31 Standard Reply = 400  
              'windowsupdate.microsoft.com',                #32 Standard Reply = 200  
              'update.microsoft.com',                       #33 Standard Reply = 200  
              'au.download.windowsupdate.com',              #34 Standard Reply = 200  
              'download.windowsupdate.com',                 #35 Standard Reply = 200  
              'download.microsoft.com',                     #36 Standard Reply = 200  
              'tlu.dl.delivery.mp.microsoft.com');          #37 Standard Reply = 403  


              $count = 0;  
              $queryResult =@{};  

              Write-Host "Checking URIs .." -NoNewline  

              Do {           
                      Try{  
                      $queryResult[$count] = (Invoke-WebRequest -Uri ("http:`/`/" + $URIs[$count]) -Method Head -UseBasicParsing -TimeoutSec 2).RawContent  
                         }Catch{ $catch = $_ }  

                          if($queryResult[$count].Count -eq 0)