Show crashing processes via werfault.exe

1. ## show process details for any werfault.exe processes
2. ## command line will be where -p argument is the process id:
3. ##    C:\Windows\SysWOW64\WerFault.exe -u -p 2272 -s 836
4.  
5. ## note use of script: scope for $c variable so can use in multiple calculated properties
6.  
7. gcim win32_process -filter "name = 'werfault.exe'"| select name,processid,CreationDate,@{n='Crashee';e={$($script:c=$null;if( $_.CommandLine -match ' -p (\d+)' ) { ($script:c = Get-Process -id $matches[1]) | Select -expand path } else { $script:c = $null }) }},@{n='Start Time';e={$script:c|Select -expand starttime}}
8.  
9. ## can then get a dump of the crashed processes via taskmgr, SysInternals procdump, etc
10.