diff --git a/Stackmonkey.ps1 b/Stackmonkey.ps1
index 792639f..79fab72 100644
--- a/Stackmonkey.ps1
+++ b/Stackmonkey.ps1
@@ -1,11 +1,8 @@
-#region ScriptMonkey.ps1 (full updated script)
-
-#region changes to be done (now implemented)
-# - Event logging uses custom Windows log "SVS Scripting".
-# - Added SVS APPs tasks:
-#     winget install --id=Google.Chrome --silent --accept-package-agreements --accept-source-agreements
-#     winget install --id=Adobe.Acrobat.Reader.64-bit --silent --accept-package-agreements --accept-source-agreements
-#endregion
+#region changes to be done
+#  We could change line 298 and 379 the have it log in "SVS Scripting" instead of "Application" if we can find a way to force create the log
+#  winget install --id=Google.Chrome --silent --accept-package-agreements --accept-source-agreements
+#  winget install --id=Adobe.Acrobat.Reader.64-bit --silent --accept-package-agreements --accept-source-agreements
+#endregion changes to be done
 
 <#
 .SYNOPSIS
@@ -32,410 +29,388 @@
     clear success/failure messages via Write-LogHybrid.
 #>
 
-#region Safely bypass Restricted Execution Policy + Elevation
-# ─── Relaunch elevated (Admin) + with ExecutionPolicy Bypass when needed ───
-$needBypass = ($ExecutionContext.SessionState.LanguageMode -ne 'FullLanguage' -or (Get-ExecutionPolicy) -eq 'Restricted')
-$identity   = [Security.Principal.WindowsIdentity]::GetCurrent()
-$principal  = [Security.Principal.WindowsPrincipal]$identity
-$needAdmin  = -not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+#region Safely bypass Restricted Execution Policy 
+# ─── Safely bypass Restricted Execution Policy ───
+if ($ExecutionContext.SessionState.LanguageMode -ne 'FullLanguage' -or
+    (Get-ExecutionPolicy) -eq 'Restricted') {
+
+    Write-Host "[Info] Relaunching with ExecutionPolicy Bypass..." -ForegroundColor Yellow
+
+    if ($PSCommandPath) {
+        powershell.exe -NoProfile -ExecutionPolicy Bypass -File "`"$PSCommandPath`""
+    } else {
+        powershell.exe -NoProfile -ExecutionPolicy Bypass -Command "& { iwr 'https://sm.svstools.com' -UseBasicParsing | iex }"
+    }
 
-if ($needBypass -or $needAdmin) {
-    Write-Host "[Info] Relaunching elevated (Admin) with ExecutionPolicy Bypass..." -ForegroundColor Yellow
-    $args = if ($PSCommandPath) { "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" } else { "-NoProfile -ExecutionPolicy Bypass -Command `"& { iwr 'https://sm.svstools.com' -UseBasicParsing | iex }`"" }
-    Start-Process -FilePath "powershell.exe" -ArgumentList $args -Verb RunAs | Out-Null
     exit
 }
 
-# ─── TLS and silent defaults ───
+# ─── TLS and silent install defaults ───
 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
 $ProgressPreference = 'SilentlyContinue'
 $ConfirmPreference  = 'None'
-#endregion Safely bypass Restricted Execution Policy + Elevation
+#endregion Safely bypass Restricted Execution Policy 
 
 function Invoke-ScriptMonkey {
-
   # ─────────────────────────────────────────────────────────────────────────
   #  PARAMETERS + GLOBAL VARIABLES
   # ─────────────────────────────────────────────────────────────────────────
 
-  [CmdletBinding(
-    DefaultParameterSetName='UI',
-    SupportsShouldProcess=$true,
-    ConfirmImpact= 'Medium'
-  )]
-  param(
-      # ─────────────────────────────────────────────────────────
-      # Toolkit-only mode
-      [Parameter(Mandatory,ParameterSetName='Toolkit')][switch]$SilentInstall,
-      
-      # ─────────────────────────────────────────────────────────
-      # remove Toolkit
-      [Parameter(Mandatory,ParameterSetName='Cleanup')][switch]$Cleanup,
-
-      # ─────────────────────────────────────────────────────────
-      # Datto headless mode
-
-      # ─── DattoFetch & DattoInstall share the webhook creds ─────────────
-      [Parameter(Mandatory,ParameterSetName='DattoFetch')]
-      [Parameter(Mandatory,ParameterSetName='DattoInstall')]
-      [switch]$UseWebhook,
-
-      [Parameter(Mandatory,ParameterSetName='DattoFetch')]
-      [Parameter(Mandatory,ParameterSetName='DattoInstall')]
-      [string]$WebhookPassword,
-
-      [string]$WebhookUrl = $Global:DattoWebhookUrl,
-  
-      # ─── only DattoFetch uses these ────────────────────────────────────
-      [Parameter(ParameterSetName='DattoFetch')][switch]$FetchSites,
-      [Parameter(ParameterSetName='DattoFetch')][switch] $SaveSitesList,
-      [Parameter(ParameterSetName='DattoFetch')][ValidatePattern('\.csv$|\.json$')][string] $OutputFile = 'datto_sites.csv',
-
-      # ─── only DattoInstall uses these ─────────────────────────────────
-      [Parameter(Mandatory,ParameterSetName='DattoInstall')][string] $SiteUID,
-      [Parameter(Mandatory,ParameterSetName='DattoInstall')][string] $SiteName,
-      [Parameter(ParameterSetName='DattoInstall')][switch] $PushSiteVars,
-      [Parameter(ParameterSetName='DattoInstall')][switch] $InstallRMM,
-      [Parameter(ParameterSetName='DattoInstall')][switch] $SaveCopy
-  )
-  
-  #region global variables
-  
-  # Listening port for HTTP UI
-  $Port = 8082
-
-  # Configurable endpoints
-  $Global:DattoWebhookUrl = 'https://automate.svstools.ca/webhook/svsmspkit'
-
-  # Initialize a global in-memory log cache    
-  if (-not $Global:LogCache -or -not ($Global:LogCache -is [System.Collections.ArrayList])) {
-    $Global:LogCache = [System.Collections.ArrayList]::new()
-  }
-  #endregion global variables
-
-  #region SVS Module
-
-  function Install-SVSMSP {
-    param (
-      [switch] $Cleanup,
-      [switch] $InstallToolkit,
-      [Parameter(Mandatory = $false)][array]   $AllModules       = @(@{ ModuleName = "SVS_Toolkit" }, @{ ModuleName = "SVSMSP" }),
-      [Parameter(Mandatory = $false)][array]   $AllRepositories = @(@{ RepoName = "SVS_Repo" }, @{ RepoName = "SVS_Toolkit" }),
-      [Parameter(Mandatory = $false)][string]  $NewModuleName   = "SVSMSP",
-      [Parameter(Mandatory = $false)][string]  $NewRepositoryName = "SVS_Repo",
-      [Parameter(Mandatory = $false)][string]  $NewRepositoryURL  = "http://proget.svstools.ca:8083/nuget/SVS_Repo/"
-    )
-
-    function Perform-Cleanup {
-      Write-LogHybrid "Cleanup mode enabled. Starting cleanup..." "Info" "SVSModule"
-
-      try {
-        Uninstall-Module -Name SVSMSP -AllVersions -Force -ErrorAction Stop
-        Write-LogHybrid "SVSMSP module uninstalled from system." "Success" "SVSModule" -LogToEvent
-      }
-      catch {
-        if ($_.Exception.Message -match 'No match was found') {
-          Write-LogHybrid "No existing SVSMSP module found to uninstall." "Warning" "SVSModule" -LogToEvent
-        } else {
-          Write-LogHybrid "Failed to uninstall SVSMSP: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
-        }
-      }
-
-      if (Get-PSRepository -Name SVS_Repo -ErrorAction SilentlyContinue) {
-        try {
-          Unregister-PSRepository -Name SVS_Repo -ErrorAction Stop
-          Write-LogHybrid "SVS_Repo repository unregistered." "Success" "SVSModule" -LogToEvent
-        }
-        catch {
-          Write-LogHybrid "Failed to unregister SVS_Repo: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
-        }
-      }
-
-      if (Get-Module -Name SVSMSP) {
-        try {
-          Remove-Module SVSMSP -Force -ErrorAction Stop
-          Write-LogHybrid "SVSMSP module removed from current session." "Success" "SVSModule" -LogToEvent
-        }
-        catch {
-          Write-LogHybrid "Failed to remove SVSMSP from session: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
-        }
-      }
-    }
-
-    function Perform-ToolkitInstallation {
-      Perform-Cleanup
-      Write-LogHybrid "Registering repo $NewRepositoryName…" "Info" "SVSModule" -LogToEvent
-      if (-not (Get-PSRepository -Name $NewRepositoryName -ErrorAction SilentlyContinue)) {
-        Register-PSRepository -Name $NewRepositoryName -SourceLocation $NewRepositoryURL -InstallationPolicy Trusted
-      }
-      Write-LogHybrid "Installing module $NewModuleName…" "Info" "SVSModule" -LogToEvent
-      Install-Module -Name $NewModuleName -Repository $NewRepositoryName -Scope AllUsers -Force
-      Write-LogHybrid "Toolkit installation complete." "Success" "SVSModule" -LogToEvent
-    }
-
-    Write-LogHybrid "Install-SVSMSP called" "Info" "SVSModule" -LogToEvent
-    if ($Cleanup) { Perform-Cleanup; return }
-    if ($InstallToolkit) { Perform-ToolkitInstallation; return }
-    Perform-ToolkitInstallation
-  }
-
-  #endregion SVS Module
-
-  #region Write-Log
-
-  function Write-LogHelper {
-    [CmdletBinding()]
+    [CmdletBinding(
+      DefaultParameterSetName='UI',
+      SupportsShouldProcess=$true,
+      ConfirmImpact= 'Medium'
+    )]
     param(
-      [Parameter(Mandatory)][string]$Message,
-      [ValidateSet("Info","Warning","Error","Success","General")]
-      [string]$Level           = "Info",
-      [string]$TaskCategory    = "GeneralTask",
-      [switch]$LogToEvent,
-      [string]$EventSource     = "Script Automation Monkey",
-      [string]$EventLog        = "SVS Scripting",
-      [int]   $CustomEventID,
-      [string]$LogFile,
-      [switch]$PassThru
+        # ─────────────────────────────────────────────────────────
+        # Toolkit-only mode
+        [Parameter(Mandatory,ParameterSetName='Toolkit')][switch]$SilentInstall,
+        
+        # ─────────────────────────────────────────────────────────
+        # remove Toolkit
+        [Parameter(Mandatory,ParameterSetName='Cleanup')][switch]$Cleanup,
+
+        # ─────────────────────────────────────────────────────────
+        # Datto headless mode
+
+        # ─── DattoFetch & DattoInstall share the webhook creds ─────────────
+        [Parameter(Mandatory,ParameterSetName='DattoFetch')]
+        [Parameter(Mandatory,ParameterSetName='DattoInstall')]
+        [switch]$UseWebhook,
+
+        [Parameter(Mandatory,ParameterSetName='DattoFetch')]
+        [Parameter(Mandatory,ParameterSetName='DattoInstall')]
+        [string]$WebhookPassword,
+
+        [string]$WebhookUrl = $Global:DattoWebhookUrl,
+  
+        # ─── only DattoFetch uses these ────────────────────────────────────
+        [Parameter(ParameterSetName='DattoFetch')][switch]$FetchSites,
+        [Parameter(ParameterSetName='DattoFetch')][switch] $SaveSitesList,
+        [Parameter(ParameterSetName='DattoFetch')][ValidatePattern('\.csv$|\.json$')][string] $OutputFile = 'datto_sites.csv',
+
+        # ─── only DattoInstall uses these ─────────────────────────────────
+        [Parameter(Mandatory,ParameterSetName='DattoInstall')][string] $SiteUID,
+        [Parameter(Mandatory,ParameterSetName='DattoInstall')][string] $SiteName,
+        [Parameter(ParameterSetName='DattoInstall')][switch] $PushSiteVars,
+        [Parameter(ParameterSetName='DattoInstall')][switch] $InstallRMM,
+        [Parameter(ParameterSetName='DattoInstall')][switch] $SaveCopy
     )
-
-    $idMap  = @{ Info=1000; Warning=2000; Error=3000; Success=4000; General=1000 }
-    $colMap = @{ Info="Cyan"; Warning="Yellow"; Error="Red"; Success="Green"; General="White" }
-    $EventID = if ($PSBoundParameters.CustomEventID) { $CustomEventID } else { $idMap[$Level] }
-    $color   = $colMap[$Level]
-    $fmt     = "[$Level] [$TaskCategory] $Message (Event ID: $EventID)"
-
-    Write-Host $fmt -ForegroundColor $color
-
+  
+    #region global variables
+    $Port = 8082
+    $Global:DattoWebhookUrl = 'https://automate.svstools.ca/webhook/svsmspkit'
     if (-not $Global:LogCache -or -not ($Global:LogCache -is [System.Collections.ArrayList])) {
       $Global:LogCache = [System.Collections.ArrayList]::new()
     }
-    $Global:LogCache.Add([pscustomobject]@{
-      Timestamp = (Get-Date).ToString('yyyy-MM-dd HH:mm:ss')
-      Level     = $Level
-      Message   = $fmt
-    }) | Out-Null
+    #endregion global variables
 
-    if ($PSBoundParameters.LogFile) {
-      try {
-        "$((Get-Date).ToString('yyyy-MM-dd HH:mm:ss')) $fmt" |
-          Out-File -FilePath $LogFile -Append -Encoding UTF8
-      }
-      catch { Write-Host "[Warning] File log failed: $_" -ForegroundColor Yellow }
-    }
+    #region SVS Module
+    function Install-SVSMSP {
+      param (
+        [switch] $Cleanup,
+        [switch] $InstallToolkit,
+        [Parameter(Mandatory = $false)][array]   $AllModules       = @(@{ ModuleName = "SVS_Toolkit" }, @{ ModuleName = "SVSMSP" }),
+        [Parameter(Mandatory = $false)][array]   $AllRepositories = @(@{ RepoName = "SVS_Repo" }, @{ RepoName = "SVS_Toolkit" }),
+        [Parameter(Mandatory = $false)][string]  $NewModuleName   = "SVSMSP",
+        [Parameter(Mandatory = $false)][string]  $NewRepositoryName = "SVS_Repo",
+        [Parameter(Mandatory = $false)][string]  $NewRepositoryURL  = "http://proget.svstools.ca:8083/nuget/SVS_Repo/"
+      )
 
-    if ($LogToEvent) {
-      try {
-        if (-not [System.Diagnostics.EventLog]::SourceExists($EventSource)) {
-          New-EventLog -LogName $EventLog -Source $EventSource -ErrorAction Stop
+      function Perform-Cleanup {
+        Write-LogHybrid "Cleanup mode enabled. Starting cleanup..." "Info" "SVSModule"
+
+        try {
+          Uninstall-Module -Name SVSMSP -AllVersions -Force -ErrorAction Stop
+          Write-LogHybrid "SVSMSP module uninstalled from system." "Success" "SVSModule" -LogToEvent
+        } catch {
+          if ($_.Exception.Message -match 'No match was found') {
+            Write-LogHybrid "No existing SVSMSP module found to uninstall." "Warning" "SVSModule" -LogToEvent
+          } else {
+            Write-LogHybrid "Failed to uninstall SVSMSP: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
+          }
+        }
+
+        if (Get-PSRepository -Name SVS_Repo -ErrorAction SilentlyContinue) {
+          try {
+            Unregister-PSRepository -Name SVS_Repo -ErrorAction Stop
+            Write-LogHybrid "SVS_Repo repository unregistered." "Success" "SVSModule" -LogToEvent
+          } catch {
+            Write-LogHybrid "Failed to unregister SVS_Repo: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
+          }
+        }
+
+        if (Get-Module -Name SVSMSP) {
+          try {
+            Remove-Module SVSMSP -Force -ErrorAction Stop
+            Write-LogHybrid "SVSMSP module removed from current session." "Success" "SVSModule" -LogToEvent
+          } catch {
+            Write-LogHybrid "Failed to remove SVSMSP from session: $($_.Exception.Message)" "Error" "SVSModule" -LogToEvent
+          }
         }
-      } catch {
-        Write-Host "[Warning] Could not create event log '$EventLog' or source '$EventSource': $($_.Exception.Message)" -ForegroundColor Yellow
-        return
       }
 
-      $entryType = if ($Level -in 'Warning','Error') { $Level } else { 'Information' }
-
-      try {
-        Write-EventLog -LogName $EventLog -Source $EventSource -EntryType $entryType -EventID $EventID -Message $fmt
-      } catch {
-        Write-Host "[Warning] EventLog failed: $($_.Exception.Message)" -ForegroundColor Yellow
+      function Perform-ToolkitInstallation {
+        Perform-Cleanup
+        Write-LogHybrid "Registering repo $NewRepositoryName…" "Info" "SVSModule" -LogToEvent
+        if (-not (Get-PSRepository -Name $NewRepositoryName -ErrorAction SilentlyContinue)) {
+          Register-PSRepository -Name $NewRepositoryName -SourceLocation $NewRepositoryURL -InstallationPolicy Trusted
+        }
+        Write-LogHybrid "Installing module $NewModuleName…" "Info" "SVSModule" -LogToEvent
+        Install-Module -Name $NewModuleName -Repository $NewRepositoryName -Scope AllUsers -Force
+        Write-LogHybrid "Toolkit installation complete." "Success" "SVSModule" -LogToEvent
       }
+
+      Write-LogHybrid "Install-SVSMSP called" "Info" "SVSModule" -LogToEvent
+      if ($Cleanup) { Perform-Cleanup; return }
+      if ($InstallToolkit) { Perform-ToolkitInstallation; return }
+      Perform-ToolkitInstallation
+    }
+    #endregion SVS Module
+
+    #region Write-Log
+    function Write-LogHelper {
+      [CmdletBinding()]
+      param(
+        [Parameter(Mandatory)][string]$Message,
+        [ValidateSet("Info","Warning","Error","Success","General")]
+        [string]$Level           = "Info",
+        [string]$TaskCategory    = "GeneralTask",
+        [switch]$LogToEvent,
+        [string]$EventSource     = "Script Automation Monkey",
+        [string]$EventLog        = "SVS Scripting",   # <— default changed from Application
+        [int]   $CustomEventID,
+        [string]$LogFile,
+        [switch]$PassThru
+      )
+
+      $idMap  = @{ Info=1000; Warning=2000; Error=3000; Success=4000; General=1000 }
+      $colMap = @{ Info="Cyan"; Warning="Yellow"; Error="Red"; Success="Green"; General="White" }
+      $EventID = if ($PSBoundParameters.CustomEventID) { $CustomEventID } else { $idMap[$Level] }
+      $color   = $colMap[$Level]
+      $fmt     = "[$Level] [$TaskCategory] $Message (Event ID: $EventID)"
+
+      Write-Host $fmt -ForegroundColor $color
+
+      if (-not $Global:LogCache -or -not ($Global:LogCache -is [System.Collections.ArrayList])) {
+        $Global:LogCache = [System.Collections.ArrayList]::new()
+      }
+      $Global:LogCache.Add([pscustomobject]@{
+        Timestamp = (Get-Date).ToString('yyyy-MM-dd HH:mm:ss')
+        Level     = $Level
+        Message   = $fmt
+      }) | Out-Null
+
+      if ($PSBoundParameters.LogFile) {
+        try {
+          "$((Get-Date).ToString('yyyy-MM-dd HH:mm:ss')) $fmt" | Out-File -FilePath $LogFile -Append -Encoding UTF8
+        } catch {
+          Write-Host "[Warning] File log failed: $($_.Exception.Message)" -ForegroundColor Yellow
+        }
+      }
+
+      if ($LogToEvent) {
+        try {
+          # Ensure the log & source exist and are mapped together.
+          $regBase = 'HKLM:\SYSTEM\CurrentControlSet\Services\EventLog'
+          $mappedLog = $null
+          if ([System.Diagnostics.EventLog]::SourceExists($EventSource)) {
+            $mappedLog = (Get-ChildItem $regBase -ErrorAction SilentlyContinue |
+              Where-Object { Test-Path (Join-Path $_.PSPath $EventSource) } |
+              Select-Object -First 1
+            ).PSChildName
+          }
+          if (-not $mappedLog) {
+            New-EventLog -LogName $EventLog -Source $EventSource -ErrorAction Stop
+          } elseif ($mappedLog -ne $EventLog) {
+            # Source already exists but mapped to a different log. Create a new source mapped to target log.
+            $newSource = "$EventSource - $EventLog"
+            if (-not [System.Diagnostics.EventLog]::SourceExists($newSource)) {
+              New-EventLog -LogName $EventLog -Source $newSource -ErrorAction Stop
+            }
+            $EventSource = $newSource
+          }
+        } catch {
+          Write-Host "[Warning] Could not ensure event log/source ($EventLog / $EventSource): $($_.Exception.Message)" -ForegroundColor Yellow
+          # continue; we'll still try to write
+        }
+
+        $entryType = if ($Level -in 'Warning','Error') { $Level } else { 'Information' }
+        try {
+          Write-EventLog -LogName $EventLog -Source $EventSource -EntryType $entryType -EventID $EventID -Message $fmt
+        } catch {
+          Write-Host "[Warning] EventLog write failed: $($_.Exception.Message)" -ForegroundColor Yellow
+        }
+      }
+
+      if ($PassThru) { return $Global:LogCache[-1] }
     }
 
-    if ($PassThru) { return $Global:LogCache[-1] }
-  }
+    function Write-LogHybrid {
+      [CmdletBinding()]
+      param(
+        [Parameter(Mandatory=$true)][string]$Message,
+        [ValidateSet("Info","Warning","Error","Success","General")]
+        [string]$Level = "Info",
+        [string]$TaskCategory = "GeneralTask",
+        [switch]$LogToEvent,
+        [string]$EventSource = "Script Automation Monkey",
+        [string]$EventLog    = "SVS Scripting",   # <— default changed from Application
+        [ValidateSet("Black","DarkGray","Gray","White","Red","Green","Blue","Yellow","Magenta","Cyan")]
+        [string]$ForegroundColorOverride
+      )
 
-  function Write-LogHybrid {
-    [CmdletBinding()]
-    param(
-      [Parameter(Mandatory=$true)][string]$Message,
-      [ValidateSet("Info","Warning","Error","Success","General")]
-      [string]$Level = "Info",
-      [string]$TaskCategory = "GeneralTask",
-      [switch]$LogToEvent,
-      [string]$EventSource = "Script Automation Monkey",
-      [string]$EventLog    = "SVS Scripting",
-      [ValidateSet("Black","DarkGray","Gray","White","Red","Green","Blue","Yellow","Magenta","Cyan")]
-      [string]$ForegroundColorOverride
-    )
+      $formatted = "[$Level] [$TaskCategory] $Message"
 
-    $formatted = "[$Level] [$TaskCategory] $Message"
-
-    if ($PSBoundParameters.ContainsKey('ForegroundColorOverride')) {
-      Write-Host $formatted -ForegroundColor $ForegroundColorOverride
-      $invokeParams = @{
-        Message      = $Message
-        Level        = $Level
-        TaskCategory = $TaskCategory
-        LogToEvent   = $LogToEvent
-        EventSource  = $EventSource
-        EventLog     = $EventLog
-      }
-      if (Get-Command Write-Log -ErrorAction SilentlyContinue) { Write-Log @invokeParams } else { Write-LogHelper @invokeParams }
-    } else {
-      if (Get-Command Write-Log -ErrorAction SilentlyContinue) {
-        Write-Log -Message $Message -Level $Level -TaskCategory $TaskCategory -LogToEvent:$LogToEvent -EventSource $EventSource -EventLog $EventLog
+      if ($PSBoundParameters.ContainsKey('ForegroundColorOverride')) {
+        Write-Host $formatted -ForegroundColor $ForegroundColorOverride
+        $invokeParams = @{
+          Message      = $Message
+          Level        = $Level
+          TaskCategory = $TaskCategory
+          LogToEvent   = $LogToEvent
+          EventSource  = $EventSource
+          EventLog     = $EventLog
+        }
+        if (Get-Command Write-Log -ErrorAction SilentlyContinue) { Write-Log @invokeParams } else { Write-LogHelper @invokeParams }
       } else {
-        Write-LogHelper -Message $Message -Level $Level -TaskCategory $TaskCategory -LogToEvent:$LogToEvent -EventSource $EventSource -EventLog $EventLog
+        if (Get-Command Write-Log -ErrorAction SilentlyContinue) {
+          Write-Log -Message $Message -Level $Level -TaskCategory $TaskCategory -LogToEvent:$LogToEvent -EventSource $EventSource -EventLog $EventLog
+        } else {
+          Write-LogHelper -Message $Message -Level $Level -TaskCategory $TaskCategory -LogToEvent:$LogToEvent -EventSource $EventSource -EventLog $EventLog
+        }
       }
     }
-  }
+    #endregion Write-Log
+ 
+    #region building the Menus
+    $Global:Tasks = @(
+      # On-Boarding, left column
+      @{ Id='setSVSPowerplan';     Name='setSVSPowerplan';     Label='Set SVS Powerplan';     HandlerFn='Handle-setSVSPowerPlan';     Page='onboard'; Column='left' },
+      @{ Id='installSVSMSPModule'; Name='installSVSMSPModule'; Label='Install SVSMSP Module'; HandlerFn='Handle-InstallSVSMSP';       Page='onboard'; Column='left' },
+      @{ Id='installCyberQP';      Name='installCyberQP';      Label='Install CyberQP';       HandlerFn='Handle-InstallCyberQP';      Page='onboard'; Column='left' },
+      @{ Id='installSVSHelpDesk';  Name='installSVSHelpDesk';  Label='Install SVS HelpDesk';  HandlerFn='Handle-InstallSVSHelpDesk';  Page='onboard'; Column='left' },
+      @{ Id='installThreatLocker'; Name='installThreatLocker'; Label='Install ThreatLocker';  HandlerFn='Handle-InstallThreatLocker'; Page='onboard'; Column='left' },
+      @{ Id='installRocketCyber';  Name='installRocketCyber';  Label='Install RocketCyber';   HandlerFn='Handle-InstallRocketCyber';  Page='onboard'; Column='left' },
+      @{ Id='installDattoRMM';     Name='installDattoRMM';     Label='Install DattoRMM';      HandlerFn='Handle-InstallDattoRMM';     Page='onboard'; Column='left'; 
+         SubOptions= @(
+           @{ Value='inputVar'; Label='Copy Site Variables' },
+           @{ Value='rmm';      Label='Install RMM Agent'   },
+           @{ Value='exe';      Label='Download Executable' }
+         ) 
+      },
 
-  #endregion Write-Log
+      # On-Boarding, right column (optional bits)
+      @{ Id='enableBitLocker';     Name='EnableBitLocker';     Label='Enable BitLocker';       HandlerFn='Set-SVSBitLocker';             Page='onboard'; Column='right' },
+      @{ Id='setEdgeDefaultSearch';Name='setedgedefaultsearch';Label='Set Edge Default Search'; Tooltip='Will configure Edge to use Google as default search provider'; HandlerFn='set-EdgeDefaultSearchProvider'; Page='onboard'; Column='right' },
 
-  #region Tasks registry
+      # Off-Boarding
+      @{ Id='uninstallCyberQP';      Name='uninstallCyberQP';      Label='Uninstall CyberQP';        HandlerFn='Uninstall-CyberQP';  Page='offboard' },
+      @{ Id='uninstallSVSMSPModule'; Name='uninstallSVSMSPModule'; Label='Uninstall SVSMSP Module';  HandlerFn='Cleanup-SVSMSP';     Page='offboard' },
 
-  $Global:Tasks = @(
-    # On-Boarding, left column
-    @{ Id='setSVSPowerplan';     Name='setSVSPowerplan';     Label='Set SVS Powerplan';     HandlerFn='Handle-SetSVSPowerPlan';     Page='onboard'; Column='left' },
-    @{ Id='installSVSMSPModule'; Name='installSVSMSPModule'; Label='Install SVSMSP Module'; HandlerFn='Handle-InstallSVSMSP';       Page='onboard'; Column='left' },
-    @{ Id='installCyberQP';      Name='installCyberQP';      Label='Install CyberQP';       HandlerFn='Handle-InstallCyberQP';      Page='onboard'; Column='left' },
-    @{ Id='installSVSHelpDesk';  Name='installSVSHelpDesk';  Label='Install SVS HelpDesk';  HandlerFn='Handle-InstallSVSHelpDesk';  Page='onboard'; Column='left' },
-    @{ Id='installThreatLocker'; Name='installThreatLocker'; Label='Install ThreatLocker';  HandlerFn='Handle-InstallThreatLocker'; Page='onboard'; Column='left' },
-    @{ Id='installRocketCyber';  Name='installRocketCyber';  Label='Install RocketCyber';   HandlerFn='Handle-InstallRocketCyber';  Page='onboard'; Column='left' },
-    @{ Id='installDattoRMM';     Name='installDattoRMM';     Label='Install DattoRMM';      HandlerFn='Handle-InstallDattoRMM';     Page='onboard'; Column='left'; 
-        SubOptions= @(
-          @{ Value='inputVar'; Label='Copy Site Variables' },
-          @{ Value='rmm';      Label='Install RMM Agent'   },
-          @{ Value='exe';      Label='Download Executable' }
-        ) 
-    },
+      # Tweaks
+      @{ Id='disableAnimations';     Name='disableAnimations';     Label='Disable Animations';       HandlerFn='Disable-Animations'; Page='tweaks' },
 
-    # On-Boarding, right column (optional bits)
-    @{ Id='enableBitLocker';     Name='EnableBitLocker';     Label='Enable BitLocker';       HandlerFn='Set-SVSBitLocker';             Page='onboard'; Column='right' },
-    @{ Id='setEdgeDefaultSearch';Name='setedgedefaultsearch';Label='Set Edge Default Search'; Tooltip='Will configure Edge to use Google as default search provider'; HandlerFn='set-EdgeDefaultSearchProvider'; Page='onboard'; Column='right' },
+      # SVS Apps
+      @{ Id='wingetLastpass'; Name='wingetLastpass'; Label='LastPass Desktop App'; HandlerFn='Install-WingetLastPass'; Page='SVSApps' },
+      @{ Id='wingetChrome';   Name='wingetChrome';   Label='Google Chrome';        HandlerFn='Handle-InstallChrome';   Page='SVSApps' },
+      @{ Id='wingetAcrobat';  Name='wingetAcrobat';  Label='Adobe Acrobat Reader (64-bit)'; HandlerFn='Handle-InstallAcrobat'; Page='SVSApps' }
+    )
+    #endregion building the Menus
 
-    # Off-Boarding
-    @{ Id='uninstallCyberQP';      Name='uninstallCyberQP';      Label='Uninstall CyberQP';        HandlerFn='Uninstall-CyberQP';  Page='offboard' },
-    @{ Id='uninstallSVSMSPModule'; Name='uninstallSVSMSPModule'; Label='Uninstall SVSMSP Module';  HandlerFn='Cleanup-SVSMSP';     Page='offboard' },
+    #region Build-Checkboxes
+    function Build-Checkboxes {
+      param($Page, $Column)
 
-    # Tweaks
-    @{ Id='disableAnimations';     Name='disableAnimations';     Label='Disable Animations';       HandlerFn='Disable-Animations'; Page='tweaks' },
+      (
+        $Global:Tasks |
+          Where-Object Page   -EQ $Page   |
+          Where-Object Column -EQ $Column |
+          ForEach-Object {
+            $taskId   = $_.Id
+            $tooltip  = if ($_.PSObject.Properties.Name -contains 'Tooltip' -and $_.Tooltip) { " title='$($_.Tooltip)'" } else { '' }
 
-    # SVS Apps
-    @{ Id='wingetLastpass'; Name='wingetLastpass'; Label='LastPass Desktop App'; HandlerFn='Install-WingetLastPass'; Page='SVSApps' },
-    @{ Id='wingetChrome';   Name='wingetChrome';   Label='Google Chrome';        HandlerFn='Handle-InstallChrome';   Page='SVSApps' },
-    @{ Id='wingetAcrobat';  Name='wingetAcrobat';  Label='Adobe Acrobat Reader (64-bit)'; HandlerFn='Handle-InstallAcrobat'; Page='SVSApps' }
-  )
+            $html = "<label$tooltip><input type='checkbox' id='$taskId' name='$($_.Name)' data-column='$Column'> $($_.Label)</label>"
 
-  #endregion Tasks registry
-
-  #region Build-Checkboxes
-
-  function Build-Checkboxes {
-    param($Page, $Column)
-
-    (
-      $Global:Tasks |
-        Where-Object Page   -EQ $Page   |
-        Where-Object Column -EQ $Column |
-        ForEach-Object {
-          $taskId   = $_.Id
-          $tooltip  = if ($_.PSObject.Properties.Name -contains 'Tooltip' -and $_.Tooltip) {
-                        " title='$($_.Tooltip)'"
-                      } else { '' }
-
-          $html = "<label$tooltip><input type='checkbox' id='$taskId' name='$($_.Name)' data-column='$Column'> $($_.Label)</label>"
-
-          if ($_.SubOptions) {
-            $subHtml = (
-              $_.SubOptions |
-                ForEach-Object {
+            if ($_.SubOptions) {
+              $subHtml = (
+                $_.SubOptions | ForEach-Object {
                   "<label style='margin-left:20px; display:block;'>
                     <input type='checkbox' class='sub-option-$taskId' name='$($_.Value)' value='$($_.Value)'> $($_.Label)
                   </label>"
-              }
-            ) -join "`n"
+                }
+              ) -join "`n"
 
-            $html += @"
+              $html += @"
 <div id='${taskId}OptionsContainer' style='display:none; margin-top:4px;'>
 $subHtml
 </div>
 "@
+            }
+            $html
           }
-          $html
-        }
-    ) -join "`n"
+      ) -join "`n"
+    }
+    #endregion Build-Checkboxes
+
+    #region Get-ModuleVersionHtml
+    function Get-ModuleVersionHtml {
+      $mod = Get-Module -ListAvailable -Name SVSMSP | Sort-Object Version -Descending | Select-Object -First 1
+      if ($mod) { return "<div style='color:#bbb; font-size:0.9em; margin-top:1em;'>Module Version: $($mod.Version)</div>" }
+      return "<div style='color:#f66;'>SVSMSP_Module not found</div>"
+    }
+    #endregion Get-ModuleVersionHtml
+
+   #region Strat-Server
+  function Get-NextFreePort {
+    param([int]$Start = $Port)
+    for ($p = [Math]::Max(1024,$Start); $p -lt 65535; $p++) {
+      $l = [System.Net.Sockets.TcpListener]::new([Net.IPAddress]::Loopback, $p)
+      try { $l.Start(); $l.Stop(); return $p } catch {}
+    }
+    throw "No free TCP port available."
   }
 
-  #endregion Build-Checkboxes
-
-  #region Get-ModuleVersionHtml
-  function Get-ModuleVersionHtml {
-    $mod = Get-Module -ListAvailable -Name SVSMSP | Sort-Object Version -Descending | Select-Object -First 1
-    if ($mod) {
-      return "<div style='color:#bbb; font-size:0.9em; margin-top:1em;'>Module Version: $($mod.Version)</div>"
-    }
-    return "<div style='color:#f66;'>SVSMSP_Module not found</div>"
-  }
-  #endregion Get-ModuleVersionHtml
-
-  #region HTTP prereqs (URL ACL + port check)
-
-  function Ensure-HttpPrereqs {
-    param(
-      [int]$Port,
-      [string[]]$Prefixes
-    )
-
-    # Port already bound?
-    try {
-      $inUse = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction Stop
-    } catch { $inUse = $null }
-    if ($inUse) {
-      $pids = ($inUse | Select-Object -ExpandProperty OwningProcess -Unique) -join ','
-      throw "Port $Port is already in use (PID(s): $pids). Choose another port or stop the process."
-    }
-
-    # Ensure URL ACLs
-    $current = (& netsh http show urlacl) 2>$null
-    foreach ($p in $Prefixes) {
-      $pfx = if ($p.EndsWith('/')) { $p } else { "$p/" }
-      if ($null -eq $current -or ($current -join "`n") -notmatch [regex]::Escape($pfx)) {
-        $user = "$env:USERDOMAIN\$env:USERNAME"
-        $args = "http add urlacl url=$pfx user=""$user"" listen=yes"
-        $psi  = New-Object System.Diagnostics.ProcessStartInfo -Property @{
-          FileName        = 'netsh.exe'
-          Arguments       = $args
-          Verb            = 'runas'
-          UseShellExecute = $true
-          WindowStyle     = 'Hidden'
-        }
-        $proc = [System.Diagnostics.Process]::Start($psi); $proc.WaitForExit()
-        if ($proc.ExitCode -ne 0) {
-          throw "Failed to add URL ACL for $pfx (netsh exit $($proc.ExitCode))."
-        } else {
-          Write-LogHybrid "Registered URL ACL for $pfx" "Success" "Server" -LogToEvent
-        }
-      }
-    }
-  }
-
-  #endregion HTTP prereqs
-
-  #region Start-Server (hardened for 25H2)
-
+  # Starts the HTTP listener loop
   function Start-Server {
-    $prefixes = @("http://localhost:$Port/","http://127.0.0.1:$Port/")
-    try {
-      Ensure-HttpPrereqs -Port $Port -Prefixes $prefixes
-    } catch {
-      Write-LogHybrid "HTTP prereq check failed: $($_.Exception.Message)" "Error" "Server" -LogToEvent
-      throw
-    }
-
     $Global:Listener = [System.Net.HttpListener]::new()
-    foreach ($p in $prefixes) { $Global:Listener.Prefixes.Add($p) }
+    $primaryPrefix  = "http://localhost:$Port/"
+    $wildcardPrefix = "http://+:$Port/"
 
     try {
+      $Global:Listener.Prefixes.Add($primaryPrefix)
       $Global:Listener.Start()
-      Write-LogHybrid "Listening on $($prefixes -join ', ')" "Info" "Server" -LogToEvent
-    } catch {
-      Write-LogHybrid "HttpListener failed to start: $($_.Exception.Message)" "Error" "Server" -LogToEvent
-      if ($_.Exception.InnerException) {
-        Write-LogHybrid "Inner: $($_.Exception.InnerException.Message)" "Error" "Server" -LogToEvent
+      Write-LogHybrid "Listening on $primaryPrefix" Info Server -LogToEvent
+    }
+    catch [System.Net.HttpListenerException] {
+      if ($_.Exception.ErrorCode -eq 5) {
+        Write-LogHybrid "Access denied on $primaryPrefix. Attempting URL ACL…" Warning Server -LogToEvent
+        try {
+          $user = "$env:USERDOMAIN\$env:USERNAME"
+          if (-not $user.Trim()) { $user = $env:USERNAME }
+          Start-Process -FilePath "netsh" -ArgumentList "http add urlacl url=$wildcardPrefix user=`"$user`" listen=yes" -Verb RunAs -WindowStyle Hidden -Wait
+          $Global:Listener = [System.Net.HttpListener]::new()
+          $Global:Listener.Prefixes.Add($wildcardPrefix)
+          $Global:Listener.Start()
+          Write-LogHybrid "Listening on $wildcardPrefix (URL ACL added for $user)" Success Server -LogToEvent
+        } catch {
+          Write-LogHybrid "URL ACL registration failed: $($_.Exception.Message)" Error Server -LogToEvent
+          return
+        }
+      }
+      elseif ($_.Exception.NativeErrorCode -in 32,183) {
+        $old = $Port
+        $Port = Get-NextFreePort -Start ($Port + 1)
+        $Global:Listener = [System.Net.HttpListener]::new()
+        $primaryPrefix = "http://localhost:$Port/"
+        $Global:Listener.Prefixes.Add($primaryPrefix)
+        $Global:Listener.Start()
+        Write-LogHybrid "Port $old busy. Listening on $primaryPrefix" Warning Server -LogToEvent
+      }
+      else {
+        Write-LogHybrid "HttpListener start failed: $($_.Exception.Message)" Error Server -LogToEvent
+        return
       }
-      throw
     }
 
     try {
@@ -444,23 +419,21 @@ $subHtml
         try {
           Dispatch-Request $ctx
         } catch {
-          Write-LogHybrid "Dispatch error: $($_.Exception.Message)" "Error" "Server" -LogToEvent
-          $ctx.Response.StatusCode = 500
-          Respond-Text $ctx "Internal server error."
+          Write-LogHybrid "Dispatch error: $($_.Exception.Message)" Error Server -LogToEvent
         }
       }
-    } finally {
+    }
+    finally {
       $Global:Listener.Close()
-      Write-LogHybrid "Listener closed." "Info" "Server" -LogToEvent
+      Write-LogHybrid "Listener closed." Info Server -LogToEvent
     }
   }
+#endregion Strat-Server
 
-  #endregion Start-Server
 
-  #region UI HTML/JS
-
-  function Get-UIHtml {
-    param([string]$Page = 'onboard')
+    #region UIHtml  
+    function Get-UIHtml {
+      param([string]$Page = 'onboard')
 
 $style = @'
 <style>
@@ -476,6 +449,7 @@ $style = @'
     --btn-hover: rgba(0,86,179,1);
     --btn-hover-scale: 1.05;
     --btn-success: rgba(40,167,69);
+    --btn-success-disabled: rgba(108,117,125);
     --btn-danger: rgba(220,53,69);
   }
   body { font-family: Arial, sans-serif; margin:0; padding:0; background-color:var(--background-color); color:var(--white-color); height:100%; overflow:hidden; }
@@ -507,42 +481,33 @@ $style = @'
 
 $script = @'
 <script>
-let completedTasks = 0;
-let totalTasks = 0;
-function setTotalTaskCount(count){ totalTasks=count; completedTasks=0; updateTitle(); }
+let completedTasks=0,totalTasks=0;
+function setTotalTaskCount(c){totalTasks=c;completedTasks=0;updateTitle();}
 function logProgress(label,isSuccess){
-  const statusBox=document.getElementById('status-box');
+  const box=document.getElementById('status-box');
   completedTasks++; updateTitle();
   const msg=isSuccess?`✅ ${completedTasks}/${totalTasks} done: ${label}`:`❌ ${completedTasks}/${totalTasks} failed: ${label}`;
-  const div=document.createElement('div'); div.style.color=isSuccess?'lime':'red'; div.textContent=msg; statusBox?.appendChild(div);
-  if(completedTasks===totalTasks){
-    const finalMsg=document.createElement('div'); finalMsg.style.marginTop='10px'; finalMsg.innerHTML=`<strong>✅ All tasks complete (${completedTasks}/${totalTasks})</strong>`; statusBox?.appendChild(finalMsg);
+  const div=document.createElement('div'); div.style.color=isSuccess?'lime':'red'; div.textContent=msg; box?.appendChild(div);
+  if(completedTasks===totalTasks){ const finalMsg=document.createElement('div'); finalMsg.style.marginTop='10px'; finalMsg.innerHTML=`<strong>✅ All tasks complete (${completedTasks}/${totalTasks})</strong>`; box?.appendChild(finalMsg);
     document.title=`✅ ScriptMonkey - Complete (${completedTasks}/${totalTasks})`;
     const sound=new Audio('data:audio/wav;base64,UklGRiQAAABXQVZFZm10IBAAAAABAAEAESsAACJWAAACABAAZGF0YQAAAAA='); sound.play().catch(()=>{});
-    flashTitle(document.title);
-  }
+    flashTitle(document.title);}
 }
 function updateTitle(){ document.title=`ScriptMonkey - ${completedTasks}/${totalTasks} Done`; }
-function flashTitle(finalTitle){ let flashes=0; const interval=setInterval(()=>{ document.title=document.title===''?finalTitle:''; if(++flashes>=10){ clearInterval(interval); document.title=finalTitle;} },800); }
+function flashTitle(t){ let f=0; const i=setInterval(()=>{ document.title=document.title===''?t:''; if(++f>=10){ clearInterval(i); document.title=t; }},800); }
 
-// Tabs
-const tabButtons=document.querySelectorAll(".tab-button");
-const tabContents=document.querySelectorAll(".tab-content");
-tabButtons.forEach(btn=>{ btn.addEventListener("click",()=>{ tabButtons.forEach(b=>b.classList.remove("active")); tabContents.forEach(c=>c.classList.remove("active")); btn.classList.add("active"); document.getElementById(btn.dataset.tab).classList.add("active"); }); });
+const tabButtons=document.querySelectorAll(".tab-button"), tabContents=document.querySelectorAll(".tab-content");
+tabButtons.forEach(btn=>btn.addEventListener("click",()=>{ tabButtons.forEach(b=>b.classList.remove("active")); tabContents.forEach(c=>c.classList.remove("active")); btn.classList.add("active"); document.getElementById(btn.dataset.tab).classList.add("active"); }));
 document.querySelector(".tab-button[data-tab='{{defaultPage}}Tab']").classList.add("active");
 document.getElementById("{{defaultPage}}Tab").classList.add("active");
 
-// Tasks array
-const tasks = [
-{{tasksJsAll}}
-];
+const tasks=[ {{tasksJsAll}} ];
 
-// Select-All per column
 function toggleColumn(col){
   const master=document.getElementById(`selectAll${col[0].toUpperCase()+col.slice(1)}Checkbox`);
   const children=document.querySelectorAll(`#onboardTab input[type=checkbox][data-column=${col}]`);
-  children.forEach(cb=>{ cb.checked=master.checked; });
-  setTimeout(()=>{ children.forEach(cb=>cb.dispatchEvent(new Event('change'))); },0);
+  children.forEach(cb=>cb.checked=master.checked);
+  setTimeout(()=>children.forEach(cb=>cb.dispatchEvent(new Event('change'))),0);
 }
 function updateSelectAll(col){
   const master=document.getElementById(`selectAll${col[0].toUpperCase()+col.slice(1)}Checkbox`);
@@ -553,7 +518,6 @@ function updateSelectAll(col){
   document.querySelectorAll(`#onboardTab input[type=checkbox][data-column=${col}]`).forEach(cb=>cb.addEventListener('change',()=>updateSelectAll(col)));
 });
 
-// DattoRMM Master + Enter key shortcuts
 function toggleDattoRMMOptions(){
   const master=document.getElementById('installDattoRMM');
   const container=document.getElementById('installDattoRMMOptionsContainer');
@@ -564,12 +528,11 @@ function toggleDattoRMMOptions(){
 document.addEventListener('DOMContentLoaded',()=>{
   const master=document.getElementById('installDattoRMM'); if(master) master.addEventListener('change',toggleDattoRMMOptions);
   const passwordField=document.getElementById('Password'); const goButton=document.querySelector("button[onclick='fetchSites()']");
-  passwordField.addEventListener('keydown',(e)=>{ if(e.key==='Enter'){ goButton.click(); }});
+  if(passwordField && goButton){ passwordField.addEventListener('keydown',(e)=>{ if(e.key==='Enter'){ goButton.click(); }}); }
   const siteDropdown=document.getElementById('dattoDropdown'); const runButton=document.querySelector('.run-button');
-  siteDropdown.addEventListener('keydown',(e)=>{ if(e.key==='Enter' && siteDropdown.value){ runButton.click(); }});
+  if(siteDropdown && runButton){ siteDropdown.addEventListener('keydown',(e)=>{ if(e.key==='Enter' && siteDropdown.value){ runButton.click(); }}); }
 });
 
-// Fetch Sites
 async function fetchSites(){
   const pwd=document.getElementById("Password").value;
   if(!pwd){ alert("Please enter the password."); return; }
@@ -579,38 +542,34 @@ async function fetchSites(){
     const resp=await fetch("/getpw",{ method:"POST", headers:{ "Content-Type":"application/json" }, body:JSON.stringify({ password: pwd }) });
     if(!resp.ok) throw("HTTP "+resp.status);
     const sites=await resp.json(); dropdown.innerHTML='';
-    sites.forEach(site=>{ const option=document.createElement("option"); option.value=site.UID; option.textContent=site.Name; dropdown.appendChild(option); });
+    sites.forEach(site=>{ const o=document.createElement("option"); o.value=site.UID; o.textContent=site.Name; dropdown.appendChild(o); });
     document.getElementById("dattoRmmContainer").style.display="block";
   }catch(e){ console.error(e); dropdown.innerHTML='<option disabled selected>Error loading sites</option>'; alert("Failed to fetch sites. Check password and try again."); }
 }
 
-// Run Selected
 async function triggerInstall(){
   const runBtn=document.querySelector('.run-button'); runBtn.disabled=true;
-  const statusBox=document.getElementById('status-box'); if(statusBox) statusBox.innerHTML='';
+  const box=document.getElementById('status-box'); if(box) box.innerHTML='';
   try{
     const checkedTasks=tasks.filter(t=>{ const cb=document.getElementById(t.id); return cb && cb.checked; });
     setTotalTaskCount(checkedTasks.length);
 
-    // DattoRMM first
     const dattoCB=document.getElementById('installDattoRMM');
     if(dattoCB && dattoCB.checked){
       try{
         const sub=Array.from(document.querySelectorAll('.sub-option-installDattoRMM:checked')).map(x=>x.value);
-        const dropdown=document.getElementById('dattoDropdown'); const uid=dropdown?.value; const name=dropdown?.selectedOptions?.[0]?.text || 'Datto';
+        const dd=document.getElementById('dattoDropdown'); const uid=dd?.value; const name=dd?.selectedOptions?.[0]?.text || 'Datto';
         await fetch('/installDattoRMM',{ method:'POST', headers:{ 'Content-Type':'application/json' }, body:JSON.stringify({ checkedValues: sub, UID: uid, Name: name }) });
         logProgress('Install DattoRMM', true);
       }catch(e){ logProgress('Install DattoRMM', false); console.error(e); }
     }
 
-    // SVSMSP second
     const svsCB=document.getElementById('installSVSMSPModule');
     if(svsCB && svsCB.checked){
       try{ await fetch('/installSVSMSPModule',{ method:'GET' }); logProgress('Install SVSMSP Module', true); }
       catch(e){ logProgress('Install SVSMSP Module', false); console.error(e); }
     }
 
-    // Remaining tasks
     for(const t of tasks){
       if(['installDattoRMM','installSVSMSPModule'].includes(t.id)) continue;
       const cb=document.getElementById(t.id); if(!cb || !cb.checked) continue;
@@ -621,33 +580,29 @@ async function triggerInstall(){
   finally{ runBtn.disabled=false; }
 }
 
-// Quit
 function endSession(){ fetch("/quit",{ method:"GET" }).finally(()=>window.close()); }
 
-// Sub-options visibility on load
 document.addEventListener('DOMContentLoaded', function(){
-  const tasksWithSubOptions=document.querySelectorAll('[id$="OptionsContainer"]');
-  tasksWithSubOptions.forEach(container=>{
+  const containers=document.querySelectorAll('[id$="OptionsContainer"]');
+  containers.forEach(container=>{
     const taskId=container.id.replace('OptionsContainer','');
-    const masterCheckbox=document.getElementById(taskId);
-    if(!masterCheckbox) return;
-    function updateVisibility(){
-      const checked=masterCheckbox.checked;
-      container.style.display=checked?'block':'none';
-      container.querySelectorAll('input[type="checkbox"]').forEach(cb=>cb.checked=checked);
+    const master=document.getElementById(taskId);
+    if(!master) return;
+    function upd(){
+      const c=master.checked;
+      container.style.display=c?'block':'none';
+      container.querySelectorAll('input[type="checkbox"]').forEach(x=>x.checked=c);
       if(taskId==='installDattoRMM'){
         const pwdBox=document.getElementById('PasswordContainer');
         const rmmBox=document.getElementById('dattoRmmContainer');
-        if(pwdBox) pwdBox.style.display=checked?'block':'none';
-        if(rmmBox) rmmBox.style.display=checked?'block':'none';
+        if(pwdBox) pwdBox.style.display=c?'block':'none';
+        if(rmmBox) rmmBox.style.display=c?'block':'none';
       }
     }
-    masterCheckbox.addEventListener('change', updateVisibility);
-    updateVisibility();
+    master.addEventListener('change',upd); upd();
   });
 });
 
-// rotating tagline
 document.addEventListener('DOMContentLoaded', ()=>{
   const taglines=[
     "Fast deployments, no monkey business.",
@@ -667,7 +622,6 @@ document.addEventListener('DOMContentLoaded', ()=>{
   setInterval(()=>{ idx=(idx+1)%taglines.length; el.textContent=taglines[idx]; },10000);
 });
 
-// notify server on unload
 window.addEventListener('beforeunload', ()=>{ fetch('/quit', { method:'GET', keepalive:true }); });
 </script>
 '@
@@ -692,6 +646,7 @@ $style
     <img src="https://git.svstools.com/syelle/Logo/raw/branch/main/SAMY.png" alt="SAMY Logo" style="max-width:180px;">
     <div id="tagline" style="font-size:1.1rem; color:var(--light-gray-color); font-weight:bold;">Script Automation Monkey (Yeah!)</div>
   </div>
+  <div id="tagline"></div>
 </div>
 
 <div class="container">
@@ -705,7 +660,6 @@ $style
     <div id="onboardTab" class="tab-content">
       <h2>On-Boarding</h2>
       <h3 class="subtitle">This new deployment method ensures everything is successfully deployed with greater ease!</h3>
-
       <div class="columns-container">
         <div class="checkbox-group column">
           <h3>SVSMSP Stack</h3>
@@ -723,7 +677,7 @@ $style
         <label for="Password">Enter Password:</label>
         <div style="display:flex; gap:5px;">
           <input type="password" id="Password" placeholder="Enter Password" style="flex:1;" />
-          <button onclick="fetchSites()" style="padding:4px 10px;">GO!</button>
+          <button onclick="fetchSites()" style="padding:4px 10px; background-color: var(--btn-sidebar-blue); color: var(--white-color); border: none; border-radius: 4px;">GO!</button>
         </div>
       </div>
 
@@ -767,358 +721,468 @@ $script
 </html>
 "@
 
-    # Build dynamic sections
-    $onboardLeft  = Build-Checkboxes -Page 'onboard' -Column 'left'
-    $onboardRight = Build-Checkboxes -Page 'onboard' -Column 'right'
-    $offboard     = Build-Checkboxes -Page 'offboard'  -Column ''
-    $tweaks       = Build-Checkboxes -Page 'tweaks'    -Column ''
-    $apps         = Build-Checkboxes -Page 'SVSApps'   -Column ''
+      # Build the checkbox HTML/JS from $Global:Tasks
+      $onboardLeft  = Build-Checkboxes -Page 'onboard' -Column 'left'
+      $onboardRight = Build-Checkboxes -Page 'onboard' -Column 'right'
+      $offboard     = Build-Checkboxes -Page 'offboard'  -Column ''
+      $tweaks       = Build-Checkboxes -Page 'tweaks'    -Column ''
+      $apps         = Build-Checkboxes -Page 'SVSApps'   -Column ''
 
-    $tasksJsAll = (
-      $Global:Tasks | ForEach-Object {
-        "    { id: '$($_.Id)', handler: '/$($_.Name)', label: '$($_.Label)' }"
-      }
-    ) -join ",`n"
-
-    $html = $htmlTemplate
-    $html = $html.Replace('{{moduleVersion}}',       (Get-ModuleVersionHtml))
-    $html = $html.Replace('{{onboardLeftColumn}}',   $onboardLeft)
-    $html = $html.Replace('{{onboardRightColumn}}',  $onboardRight)
-    $html = $html.Replace('{{offboardCheckboxes}}',  $offboard)
-    $html = $html.Replace('{{tweaksCheckboxes}}',    $tweaks)
-    $html = $html.Replace('{{appsCheckboxes}}',      $apps)
-    $html = $html.Replace('{{tasksJsAll}}',          $tasksJsAll)
-    $html = $html.Replace('{{defaultPage}}',         $Page)
-
-    return $html
-  }
-
-  #endregion UI HTML/JS
-
-  #region HTTP response helpers + handlers
-
-  function Respond-Text { param($Context, $Text)
-    $bytes = [Text.Encoding]::UTF8.GetBytes($Text)
-    $Context.Response.ContentType     = 'text/plain'
-    $Context.Response.ContentLength64 = $bytes.Length
-    $Context.Response.OutputStream.Write($bytes,0,$bytes.Length)
-    $Context.Response.OutputStream.Close()
-  }
-
-  function Respond-HTML { [CmdletBinding()] param([Parameter(Mandatory)][object]$Context,[Parameter(Mandatory)][string]$Html)
-    $bytes = [Text.Encoding]::UTF8.GetBytes($Html)
-    $Context.Response.ContentType     = 'text/html'
-    $Context.Response.ContentLength64 = $bytes.Length
-    $Context.Response.OutputStream.Write($bytes, 0, $bytes.Length)
-    $Context.Response.OutputStream.Close()
-  }
-
-  function Respond-JSON { param($Context, $Object)
-    $json = $Object | ConvertTo-Json -Depth 5
-    $bytes = [Text.Encoding]::UTF8.GetBytes($json)
-    $Context.Response.ContentType     = 'application/json'
-    $Context.Response.ContentLength64 = $bytes.Length
-    $Context.Response.OutputStream.Write($bytes,0,$bytes.Length)
-    $Context.Response.OutputStream.Close()
-  }
-
-  function Handle-FetchSites { param($Context)
-    try {
-      $raw = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
-      $pw  = (ConvertFrom-Json $raw).password
-
-      # store for next call
-      $Global:WebhookPassword = $pw
-
-      $sites = Install-DattoRMM -UseWebhook -WebhookPassword $pw -FetchSites
-      Respond-JSON $Context $sites
-    }
-    catch {
-      Write-LogHybrid "Handle-FetchSites error: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-      $Context.Response.StatusCode = 500
-      Respond-Text $Context "Internal server error fetching sites."
-    }
-  }
-
-  function Handle-SetSVSPowerPlan { param($Context)
-    Set-SVSPowerPlan
-    Write-LogHybrid "PowerPlan set" "Success" "OnBoard"
-    Respond-Text  $Context "PowerPlan applied"
-  }
-
-  function Handle-InstallSVSMSP { param($Context)
-    Write-LogHybrid "HTTP trigger: Handle-InstallSVSMSP" "Info" "OnBoard"
-    try {
-      Install-SVSMSP -InstallToolkit
-      Respond-Text $Context "SVSMSP Module installed/updated."
-    } catch {
-      Write-LogHybrid "Error in Install-SVSMSP: $_" "Error" "OnBoard"
-      Respond-Text $Context "ERROR: $_"
-    }
-  }
-
-  function Handle-InstallCyberQP { param($Context)
-    Install-CyberQP
-    Write-LogHybrid "CyberQP installed" "Success" "OnBoard"
-    Respond-Text $Context "CyberQP installed"
-  }
-
-  function Handle-InstallThreatLocker { param($Context)
-    Install-ThreatLocker
-    Write-LogHybrid "ThreatLocker installed" "Success" "OnBoard"
-    Respond-Text $Context "ThreatLocker installed"
-  }
-
-  function Handle-InstallRocketCyber { param($Context)
-    Install-RocketCyber
-    Write-LogHybrid "RocketCyber installed" "Success" "OnBoard"
-    Respond-Text $Context "RocketCyber installed"
-  }
-
-  function Handle-InstallSVSHelpDesk { param($Context)
-    Install-SVSHelpDesk
-    Write-LogHybrid "SVS HelpDesk installed" "Success" "OnBoard"
-    Respond-Text $Context "SVS HelpDesk installed"
-  }
-
-  # New: winget app handlers
-  function Handle-InstallChrome { param($Context)
-    try {
-      winget install --id=Google.Chrome --silent --accept-package-agreements --accept-source-agreements
-      Write-LogHybrid "Installed Google Chrome via winget" "Success" "SVSApps" -LogToEvent
-      Respond-Text $Context "Chrome installed"
-    } catch {
-      Write-LogHybrid "Chrome install failed: $($_.Exception.Message)" "Error" "SVSApps" -LogToEvent
-      Respond-Text $Context "ERROR: $($_.Exception.Message)"
-    }
-  }
-
-  function Handle-InstallAcrobat { param($Context)
-    try {
-      winget install --id=Adobe.Acrobat.Reader.64-bit --silent --accept-package-agreements --accept-source-agreements
-      Write-LogHybrid "Installed Adobe Acrobat Reader (64-bit) via winget" "Success" "SVSApps" -LogToEvent
-      Respond-Text $Context "Acrobat Reader installed"
-    } catch {
-      Write-LogHybrid "Acrobat install failed: $($_.Exception.Message)" "Error" "SVSApps" -LogToEvent
-      Respond-Text $Context "ERROR: $($_.Exception.Message)"
-    }
-  }
-
-  function Handle-InstallDattoRMM { param($Context)
-    try {
-      if ($Context.Request.HttpMethod -ne 'POST') {
-        $Context.Response.StatusCode = 405
-        Respond-Text $Context 'Use POST'
-        return
-      }
-
-      $body = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
-      $data = ConvertFrom-Json $body
-
-      Install-DattoRMM `
-        -UseWebhook `
-        -WebhookPassword $Global:WebhookPassword `
-        -SiteUID      $data.UID `
-        -SiteName     $data.Name `
-        -PushSiteVars:($data.checkedValues -contains 'inputVar') `
-        -InstallRMM:   ($data.checkedValues -contains 'rmm') `
-        -SaveCopy:     ($data.checkedValues -contains 'exe')
-
-      Respond-Text $Context "Triggered DattoRMM for $($data.Name)"
-    }
-    catch {
-      Write-LogHybrid "Handle-InstallDattoRMM error: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-      $Context.Response.StatusCode = 500
-      Respond-Text $Context "Internal server error during DattoRMM install."
-    }
-  }
-
-  #endregion HTTP response helpers + handlers
-
-  #region Install-DattoRMM
-
-function Install-DattoRMM {
-    [CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact='Medium')]
-    param (
-        [switch]$UseWebhook,
-        [string]$WebhookPassword,
-        [string]$WebhookUrl    = $Global:DattoWebhookUrl,
-        [string]$ApiUrl,
-        [string]$ApiKey,
-        [string]$ApiSecretKey,
-        [switch]$FetchSites,
-        [switch]$SaveSitesList,
-        [string]$OutputFile      = 'datto_sites.csv',
-        [switch]$PushSiteVars,
-        [switch]$InstallRMM,
-        [switch]$SaveCopy,
-        [string]$SiteUID,
-        [string]$SiteName
-    )
-
-    # Guard: SaveSitesList requires FetchSites
-    if ($SaveSitesList -and -not $FetchSites) {
-        Write-LogHybrid "-SaveSitesList requires -FetchSites." "Error" "DattoRMM" -LogToEvent
-        return
-    }
-
-    # 1) Optionally fetch credentials from webhook
-    if ($UseWebhook) {
-        if (-not $WebhookPassword) {
-            Write-LogHybrid "Webhook password missing." "Error" "DattoRMM" -LogToEvent
-            return
-        }
-        try {
-            $resp = Invoke-RestMethod -Uri $WebhookUrl -Headers @{ SVSMSPKit = $WebhookPassword } -Method GET
-            $ApiUrl       = $resp.ApiUrl
-            $ApiKey       = $resp.ApiKey
-            $ApiSecretKey = $resp.ApiSecretKey
-            Write-LogHybrid "Webhook credentials fetched." "Success" "DattoRMM" -LogToEvent
-        } catch {
-            Write-LogHybrid "Failed to fetch webhook credentials: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-            return
+      $tasksJsAll = (
+        $Global:Tasks | ForEach-Object {
+          "    { id: '$($_.Id)', handler: '/$($_.Name)', label: '$($_.Label)' }"
         }
+      ) -join ",`n"
+
+      $html = $htmlTemplate
+      $html = $html.Replace('{{moduleVersion}}', (Get-ModuleVersionHtml))
+      $html = $html.Replace('{{onboardLeftColumn}}',  $onboardLeft)
+      $html = $html.Replace('{{onboardRightColumn}}', $onboardRight)
+      $html = $html.Replace('{{offboardCheckboxes}}', $offboard)
+      $html = $html.Replace('{{tweaksCheckboxes}}',   $tweaks)
+      $html = $html.Replace('{{appsCheckboxes}}',     $apps)
+      $html = $html.Replace('{{tasksJsAll}}',         $tasksJsAll)
+      $html = $html.Replace('{{defaultPage}}',        $Page)
+
+      return $html
+    }
+    #endregion UIHtml 
+
+    #region HTTP helpers + Handlers
+    function Respond-Text {
+      param($Context, $Text)
+      $bytes = [Text.Encoding]::UTF8.GetBytes($Text)
+      $Context.Response.ContentType     = 'text/plain'
+      $Context.Response.ContentLength64 = $bytes.Length
+      $Context.Response.OutputStream.Write($bytes,0,$bytes.Length)
+      $Context.Response.OutputStream.Close()
     }
 
-    # 2) Validate API params
-    if (-not $ApiUrl -or -not $ApiKey -or -not $ApiSecretKey) {
-        Write-LogHybrid "Missing required API parameters." "Error" "DattoRMM" -LogToEvent
-        return
+    function Respond-HTML {
+      [CmdletBinding()]
+      param(
+        [Parameter(Mandatory = $true)][object] $Context,
+        [Parameter(Mandatory = $true)][string] $Html
+      )
+      $bytes = [Text.Encoding]::UTF8.GetBytes($Html)
+      $Context.Response.ContentType     = 'text/html'
+      $Context.Response.ContentLength64 = $bytes.Length
+      $Context.Response.OutputStream.Write($bytes, 0, $bytes.Length)
+      $Context.Response.OutputStream.Close()
     }
 
-    # 3) Acquire OAuth token
-    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
-    try {
-        $publicCred = New-Object System.Management.Automation.PSCredential(
-            'public-client', (ConvertTo-SecureString 'public' -AsPlainText -Force)
-        )
-        $tokenResp = Invoke-RestMethod -Uri "$ApiUrl/auth/oauth/token" `
-                                       -Credential $publicCred `
-                                       -Method Post `
-                                       -ContentType 'application/x-www-form-urlencoded' `
-                                       -Body "grant_type=password&username=$ApiKey&password=$ApiSecretKey"
-        $token = $tokenResp.access_token
-        Write-LogHybrid "OAuth token acquired." "Success" "DattoRMM" -LogToEvent
-    } catch {
-        Write-LogHybrid "OAuth token fetch failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-        return
-    }
-    $headers = @{ Authorization = "Bearer $token" }
-
-    # 4) Fetch site list (optional early-exit)
-    if ($FetchSites) {
-        try {
-            $sitesResp = Invoke-RestMethod -Uri "$ApiUrl/api/v2/account/sites" -Method Get -Headers $headers
-            $siteList = $sitesResp.sites | ForEach-Object {
-                [PSCustomObject]@{ Name = $_.name; UID = $_.uid }
-            }
-            Write-LogHybrid "Fetched $($siteList.Count) sites." "Success" "DattoRMM" -LogToEvent
-
-            if ($SaveSitesList) {
-                $desktop = [Environment]::GetFolderPath('Desktop')
-                $path    = Join-Path $desktop $OutputFile
-                $ext     = [IO.Path]::GetExtension($OutputFile).ToLower()
-                if ($ext -eq '.json') {
-                    $siteList | ConvertTo-Json -Depth 3 | Out-File -FilePath $path -Encoding UTF8
-                } else {
-                    $siteList | Export-Csv -Path $path -NoTypeInformation -Encoding UTF8
-                }
-                Write-LogHybrid "Wrote $($siteList.Count) sites to $path" "Success" "DattoRMM" -LogToEvent
-            }
-
-            return $siteList
-        } catch {
-            Write-LogHybrid "Failed to fetch sites: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-            return @()
-        }
+    function Respond-JSON {
+      param($Context, $Object)
+      $json = $Object | ConvertTo-Json -Depth 5
+      $bytes = [Text.Encoding]::UTF8.GetBytes($json)
+      $Context.Response.ContentType     = 'application/json'
+      $Context.Response.ContentLength64 = $bytes.Length
+      $Context.Response.OutputStream.Write($bytes,0,$bytes.Length)
+      $Context.Response.OutputStream.Close()
     }
 
-    # 5) Push site variables (optional)
-    if ($PushSiteVars) {
-        try {
-            $varsResp = Invoke-RestMethod -Uri "$ApiUrl/api/v2/site/$SiteUID/variables" -Method Get -Headers $headers
-            Write-LogHybrid "Fetched variables for '$SiteName'." "Success" "DattoRMM" -LogToEvent
-            $regPath = "HKLM:\Software\SVS\Deployment"
-            if (-not (Test-Path $regPath)) { New-Item -Path $regPath -Force | Out-Null }
-            foreach ($v in $varsResp.variables) {
-                try {
-                    New-ItemProperty -Path $regPath -Name $v.name -Value $v.value -PropertyType String -Force | Out-Null
-                    Write-LogHybrid "Wrote '$($v.name)' to registry." "Success" "DattoRMM" -LogToEvent
-                } catch {
-                    Write-LogHybrid "Failed to write '$($v.name)': $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-                }
-            }
-        } catch {
-            Write-LogHybrid "Variable fetch failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-        }
-    }
-
-    # 6) Download & install RMM agent (optional)
-    if ($InstallRMM) {
-        if ($PSCmdlet.ShouldProcess("Site '$SiteName'", "Install RMM agent")) {
-            try {
-                $dlUrl = "https://zinfandel.centrastage.net/csm/profile/downloadAgent/$SiteUID"
-                $tmp   = "$env:TEMP\AgentInstall.exe"
-                Invoke-WebRequest -Uri $dlUrl -OutFile $tmp -UseBasicParsing
-                Write-LogHybrid "Downloaded agent to $tmp." "Info" "DattoRMM" -LogToEvent
-                Start-Process -FilePath $tmp -NoNewWindow
-                Write-LogHybrid "RMM agent installer launched." "Success" "DattoRMM" -LogToEvent
-            } catch {
-                Write-LogHybrid "Agent install failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-            }
-        }
-    }
-
-    # 7) Save a copy of installer to C:\Temp (optional)
-    if ($SaveCopy) {
-        try {
-            $dlUrl = "https://zinfandel.centrastage.net/csm/profile/downloadAgent/$SiteUID"
-            $path  = "C:\Temp\AgentInstall.exe"
-            if (-not (Test-Path 'C:\Temp')) { New-Item -Path 'C:\Temp' -ItemType Directory | Out-Null }
-            Invoke-WebRequest -Uri $dlUrl -OutFile $path -UseBasicParsing
-            Write-LogHybrid "Saved installer copy to $path." "Info" "DattoRMM" -LogToEvent
-        } catch {
-            Write-LogHybrid "Save-copy failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
-        }
-    }
-
-    # 8) No-op warning
-    if (-not ($PushSiteVars -or $InstallRMM -or $SaveCopy)) {
-        Write-LogHybrid "No action specified. Use -FetchSites, -SaveSitesList, -PushSiteVars, -InstallRMM, or -SaveCopy." "Warning" "DattoRMM" -LogToEvent
-    }
-}
-
-    [CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact='Medium')]
-    param (
-      [switch]$UseWebhook,
-      [string]$WebhookPassword,
-      [string]$WebhookUrl    = $Global:DattoWebhookUrl,
-      [string]$ApiUrl,
-      [string]$ApiKey,
-      [string]$ApiSecretKey,
-      [switch]$FetchSites,
-      [switch]$SaveSitesList,
-      [string]$OutputFile      = 'datto_sites.csv',
-      [switch]$PushSiteVars,
-      [switch]$InstallRMM,
-      [switch]$SaveCopy,
-      [string]$SiteUID,
-      [string]$SiteName
-    )
-
-    if ($SaveSitesList -and -not $FetchSites) {
-      Write-LogHybrid "-SaveSitesList requires -FetchSites." "Error" "DattoRMM" -LogToEvent; return
-    }
-
-    if ($UseWebhook) {
-      if (-not $WebhookPassword) {
-        Write-LogHybrid "Webhook password missing." "Error" "DattoRMM" -LogToEvent; return
-      }
+    function Handle-FetchSites {
+      param($Context)
       try {
-        $resp = Invoke-RestMethod -Uri $WebhookUrl -Headers @{ SVSMSPKit = $WebhookPassword } -Method GET
-        $ApiUrl       = $resp.ApiUrl
-        $ApiKey       = $resp.ApiKey
-        $ApiSecretKey = $resp.ApiSecretKey
-        Write-LogHybrid "Webhook credentials fetched." "Success" "DattoRMM" -LogToEvent
+        $raw = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
+        $pw  = (ConvertFrom-Json $raw).password
+        $Global:WebhookPassword = $pw
+        $sites = Install-DattoRMM -UseWebhook -WebhookPassword $pw -FetchSites
+        Respond-JSON $Context $sites
       } catch {
-        Write-LogHybrid "Failed to fetch webhook credentials: $($_.Exception.Message)" "Error" "DattoRMM" -L_
+        Write-LogHybrid "Handle-FetchSites error: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+        $Context.Response.StatusCode = 500
+        Respond-Text $Context "Internal server error fetching sites."
+      }
+    }
+
+    function Handle-SetSVSPowerPlan { param($Context)
+      Set-SVSPowerPlan
+      Write-LogHybrid "PowerPlan set" "Success" "OnBoard"
+      Respond-Text  $Context "PowerPlan applied"
+    }
+
+    function Handle-InstallSVSMSP {
+      param($Context)
+      Write-LogHybrid "HTTP trigger: Handle-InstallSVSMSP" "Info" "OnBoard"
+      try {
+        Install-SVSMSP -InstallToolkit
+        Respond-Text $Context "SVSMSP Module installed/updated."
+      } catch {
+        Write-LogHybrid "Error in Install-SVSMSP: $($_.Exception.Message)" "Error" "OnBoard"
+        Respond-Text $Context "ERROR: $($_.Exception.Message)"
+      }
+    }
+
+    function Handle-InstallCyberQP { param($Context)
+      Install-CyberQP
+      Write-LogHybrid "CyberQP installed" "Success" "OnBoard"
+      Respond-Text $Context "CyberQP installed"
+    }
+
+    function Handle-InstallThreatLocker { param($Context)
+      Install-ThreatLocker
+      Write-LogHybrid "ThreatLocker installed" "Success" "OnBoard"
+      Respond-Text $Context "ThreatLocker installed"
+    }
+
+    function Handle-InstallRocketCyber { param($Context)
+      Install-RocketCyber
+      Write-LogHybrid "RocketCyber installed" "Success" "OnBoard"
+      Respond-Text $Context "RocketCyber installed"
+    }
+
+    function Handle-InstallSVSHelpDesk { param($Context)
+      Install-SVSHelpDesk
+      Write-LogHybrid "SVS HelpDesk installed" "Success" "OnBoard"
+      Respond-Text $Context "SVS HelpDesk installed"
+    }
+
+    # NEW: Winget app handlers
+    function Handle-InstallChrome { param($Context)
+      try {
+        winget install --id=Google.Chrome --silent --accept-package-agreements --accept-source-agreements
+        Write-LogHybrid "Installed Google Chrome via winget" "Success" "SVSApps" -LogToEvent
+        Respond-Text $Context "Chrome installed"
+      } catch {
+        Write-LogHybrid "Chrome install failed: $($_.Exception.Message)" "Error" "SVSApps" -LogToEvent
+        Respond-Text $Context "ERROR: $($_.Exception.Message)"
+      }
+    }
+
+    function Handle-InstallAcrobat { param($Context)
+      try {
+        winget install --id=Adobe.Acrobat.Reader.64-bit --silent --accept-package-agreements --accept-source-agreements
+        Write-LogHybrid "Installed Adobe Acrobat Reader (64-bit) via winget" "Success" "SVSApps" -LogToEvent
+        Respond-Text $Context "Acrobat Reader installed"
+      } catch {
+        Write-LogHybrid "Acrobat install failed: $($_.Exception.Message)" "Error" "SVSApps" -LogToEvent
+        Respond-Text $Context "ERROR: $($_.Exception.Message)"
+      }
+    }
+
+    function Handle-InstallDattoRMM {
+      param($Context)
+      try {
+        if ($Context.Request.HttpMethod -ne 'POST') {
+          $Context.Response.StatusCode = 405
+          Respond-Text $Context 'Use POST'
+          return
+        }
+        $body = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
+        $data = ConvertFrom-Json $body
+        Install-DattoRMM `
+          -UseWebhook `
+          -WebhookPassword $Global:WebhookPassword `
+          -SiteUID      $data.UID `
+          -SiteName     $data.Name `
+          -PushSiteVars:($data.checkedValues -contains 'inputVar') `
+          -InstallRMM:   ($data.checkedValues -contains 'rmm') `
+          -SaveCopy:     ($data.checkedValues -contains 'exe')
+        Respond-Text $Context "Triggered DattoRMM for $($data.Name)"
+      } catch {
+        Write-LogHybrid "Handle-InstallDattoRMM error: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+        $Context.Response.StatusCode = 500
+        Respond-Text $Context "Internal server error during DattoRMM install."
+      }
+    }
+    #endregion HTTP helpers + Handlers
+
+    #region Install-DattoRMM
+function Install-DattoRMM {
+  [CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact='Medium')]
+  param (
+    [switch]$UseWebhook,
+    [string]$WebhookPassword,
+    [string]$WebhookUrl    = $Global:DattoWebhookUrl,
+    [string]$ApiUrl,
+    [string]$ApiKey,
+    [string]$ApiSecretKey,
+    [switch]$FetchSites,
+    [switch]$SaveSitesList,
+    [string]$OutputFile      = 'datto_sites.csv',
+    [switch]$PushSiteVars,
+    [switch]$InstallRMM,
+    [switch]$SaveCopy,
+    [string]$SiteUID,
+    [string]$SiteName
+  )
+
+  if ($SaveSitesList -and -not $FetchSites) {
+    Write-LogHybrid "-SaveSitesList requires -FetchSites." "Error" "DattoRMM" -LogToEvent
+    return
+  }
+
+  if ($UseWebhook) {
+    if (-not $WebhookPassword) {
+      Write-LogHybrid "Webhook password missing." "Error" "DattoRMM" -LogToEvent
+      return
+    }
+    try {
+      $resp = Invoke-RestMethod -Uri $WebhookUrl -Headers @{ SVSMSPKit = $WebhookPassword } -Method GET
+      $ApiUrl       = $resp.ApiUrl
+      $ApiKey       = $resp.ApiKey
+      $ApiSecretKey = $resp.ApiSecretKey
+      Write-LogHybrid "Webhook credentials fetched." "Success" "DattoRMM" -LogToEvent
+    } catch {
+      Write-LogHybrid "Failed to fetch webhook credentials: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+      return
+    }
+  }
+
+  if (-not $ApiUrl -or -not $ApiKey -or -not $ApiSecretKey) {
+    Write-LogHybrid "Missing required API parameters." "Error" "DattoRMM" -LogToEvent
+    return
+  }
+
+  [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+  try {
+    $publicCred = New-Object System.Management.Automation.PSCredential('public-client',(ConvertTo-SecureString 'public' -AsPlainText -Force))
+    $tokenResp = Invoke-RestMethod -Uri "$ApiUrl/auth/oauth/token" -Credential $publicCred -Method Post -ContentType 'application/x-www-form-urlencoded' -Body "grant_type=password&username=$ApiKey&password=$ApiSecretKey"
+    $token = $tokenResp.access_token
+    Write-LogHybrid "OAuth token acquired." "Success" "DattoRMM" -LogToEvent
+  } catch {
+    Write-LogHybrid "OAuth token fetch failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+    return
+  }
+  $headers = @{ Authorization = "Bearer $token" }
+
+  if ($FetchSites) {
+    try {
+      $sitesResp = Invoke-RestMethod -Uri "$ApiUrl/api/v2/account/sites" -Method Get -Headers $headers
+      $siteList = $sitesResp.sites | ForEach-Object { [PSCustomObject]@{ Name = $_.name; UID = $_.uid } }
+      Write-LogHybrid "Fetched $($siteList.Count) sites." "Success" "DattoRMM" -LogToEvent
+
+      if ($SaveSitesList) {
+        $desktop = [Environment]::GetFolderPath('Desktop')
+        $path    = Join-Path $desktop $OutputFile
+        $ext     = [IO.Path]::GetExtension($OutputFile).ToLower()
+        if ($ext -eq '.json') {
+          $siteList | ConvertTo-Json -Depth 3 | Out-File -FilePath $path -Encoding UTF8
+        } else {
+          $siteList | Export-Csv -Path $path -NoTypeInformation -Encoding UTF8
+        }
+        Write-LogHybrid "Wrote $($siteList.Count) sites to $path" "Success" "DattoRMM" -LogToEvent
+      }
+
+      return $siteList
+    } catch {
+      Write-LogHybrid "Failed to fetch sites: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+      return @()
+    }
+  }
+
+  if ($PushSiteVars) {
+    try {
+      $varsResp = Invoke-RestMethod -Uri "$ApiUrl/api/v2/site/$SiteUID/variables" -Method Get -Headers $headers
+      Write-LogHybrid "Fetched variables for '$SiteName'." "Success" "DattoRMM" -LogToEvent
+    } catch {
+      Write-LogHybrid "Variable fetch failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+    }
+    $regPath = "HKLM:\Software\SVS\Deployment"
+    foreach ($v in $varsResp.variables) {
+      try {
+        if (-not (Test-Path $regPath)) { New-Item -Path $regPath -Force | Out-Null }
+        New-ItemProperty -Path $regPath -Name $v.name -Value $v.value -PropertyType String -Force | Out-Null
+        Write-LogHybrid "Wrote '$($v.name)' to registry." "Success" "DattoRMM" -LogToEvent
+      } catch {
+        Write-LogHybrid "Failed to write '$($v.name)': $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+      }
+    }
+  }
+
+  if ($InstallRMM) {
+    if ($PSCmdlet.ShouldProcess("Site '$SiteName'", "Install RMM agent")) {
+      try {
+        $dlUrl = "https://zinfandel.centrastage.net/csm/profile/downloadAgent/$SiteUID"
+        $tmp   = "$env:TEMP\AgentInstall.exe"
+        Invoke-WebRequest -Uri $dlUrl -OutFile $tmp -UseBasicParsing
+        Write-LogHybrid "Downloaded agent to $tmp." "Info" "DattoRMM" -LogToEvent
+        Start-Process -FilePath $tmp -NoNewWindow
+        Write-LogHybrid "RMM agent installer launched." "Success" "DattoRMM" -LogToEvent
+      } catch {
+        Write-LogHybrid "Agent install failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+      }
+    }
+  }
+
+  if ($SaveCopy) {
+    try {
+      $dlUrl = "https://zinfandel.centrastage.net/csm/profile/downloadAgent/$SiteUID"
+      $path  = "C:\Temp\AgentInstall.exe"
+      if (-not (Test-Path 'C:\Temp')) { New-Item -Path 'C:\Temp' -ItemType Directory | Out-Null }
+      Invoke-WebRequest -Uri $dlUrl -OutFile $path -UseBasicParsing
+      Write-LogHybrid "Saved installer copy to $path." "Info" "DattoRMM" -LogToEvent
+    } catch {
+      Write-LogHybrid "Save-copy failed: $($_.Exception.Message)" "Error" "DattoRMM" -LogToEvent
+    }
+  }
+
+  if (-not ($PushSiteVars -or $InstallRMM -or $SaveCopy)) {
+    Write-LogHybrid "No action specified. Use -FetchSites, -SaveSitesList, -PushSiteVars, -InstallRMM, or -SaveCopy." "Warning" "DattoRMM" -LogToEvent
+  }
+}
+    #endregion Install-DattoRMM
+
+    #region Dispatch-Request
+    function Dispatch-Request {
+      param($Context)
+
+      $path = $Context.Request.Url.AbsolutePath.TrimStart('/')
+
+      if ($path -eq 'quit') {
+        Write-LogHybrid "Shutdown requested" "Info" "Server" -LogToEvent
+        Respond-Text $Context "Server shutting down."
+        $Global:Listener.Stop()
+        return
+      }
+
+      if ($Context.Request.HttpMethod -eq 'POST' -and $path -eq 'getpw') {
+        Handle-FetchSites $Context
+        return
+      }
+
+      if ($path -in @('', 'onboard', 'offboard', 'tweaks', 'SVSApps')) {
+        $page = if ($path -eq '') { 'onboard' } else { $path }
+        $html = Get-UIHtml -Page $page
+        Respond-HTML $Context $html
+        return
+      }
+          
+      $task = $Global:Tasks | Where-Object Name -EQ $path
+      if ($task) { & $task.HandlerFn $Context; return }
+
+      $Context.Response.StatusCode = 404
+      Respond-Text $Context '404 - Not Found'
+    }
+    #endregion Dispatch-Request
+
+    #region MAIN MODE SWITCH
+    switch ($PSCmdlet.ParameterSetName) {
+      'Toolkit' {
+        Write-LogHybrid "Toolkit-only mode" "Info" "Startup" -LogToEvent
+        Install-SVSMSP -InstallToolkit
+        return
+      }
+      'Cleanup' {
+        Write-LogHybrid "Running Toolkit cleanup mode" "Info" "Startup" -LogToEvent
+        Install-SVSMSP -Cleanup
+        return
+      }
+      'DattoFetch' {
+        Write-LogHybrid "Fetching site list only…" "Info" "DattoAuth" -LogToEvent
+        $sites = Install-DattoRMM -UseWebhook -WebhookPassword $WebhookPassword -FetchSites -SaveSitesList:$SaveSitesList -OutputFile $OutputFile
+        Write-LogHybrid "Done." "Success" "DattoAuth" -LogToEvent
+        return
+      }
+      'DattoInstall' {
+        Write-LogHybrid "Headless DattoRMM deploy" "Info" "DattoAuth" -LogToEvent
+        if ($PSCmdlet.ShouldProcess("Datto site '$SiteName'", "Headless install")) {
+          Install-DattoRMM -UseWebhook -WebhookPassword $WebhookPassword -SiteUID $SiteUID -SiteName $SiteName -PushSiteVars:$PushSiteVars -InstallRMM:$InstallRMM -SaveCopy:$SaveCopy
+        }
+        return
+      }
+            'UI' {
+        Write-LogHybrid "Starting ScriptMonkey UI on http://localhost:$Port/" Info Startup
+        try {
+          Start-Server
+          try {
+            Start-Process "msedge.exe" -ArgumentList "--app=http://localhost:$Port" -ErrorAction Stop
+          } catch {
+            Start-Process "http://localhost:$Port"
+          }
+        } catch {
+          Write-LogHybrid "Failed to start server: $($_.Exception.Message)" Error Startup -LogToEvent
+        }
+        return
+      }
+
+    }
+    #endregion MAIN MODE SWITCH
+
+    #region Bootstrap NuGet/PSGallery silently
+    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+    $ProgressPreference = 'SilentlyContinue'
+    $ConfirmPreference  = 'None'
+
+    $provPath = "$env:ProgramData\PackageManagement\ProviderAssemblies"
+    if (-not (Test-Path $provPath)) {
+      try {
+        New-Item -Path $provPath -ItemType Directory -Force -ErrorAction Stop | Out-Null
+        Write-LogHybrid "Created missing provider folder: $provPath" "Info" "Bootstrap" -LogToEvent
+      } catch {
+        Write-LogHybrid "Failed to create provider folder: $($_.Exception.Message)" "Warning" "Bootstrap" -LogToEvent
+      }
+    }
+
+    if (-not (Get-Command Install-PackageProvider -ErrorAction SilentlyContinue)) {
+      try {
+        Install-Module PowerShellGet -Force -AllowClobber -Confirm:$false -ErrorAction Stop
+        Write-LogHybrid "Installed PowerShellGet module" "Info" "Bootstrap" -LogToEvent
+      } catch {
+        Write-LogHybrid "PowerShellGet install failed: $($_.Exception.Message)" "Error" "Bootstrap" -LogToEvent
+      }
+    }
+
+    $pkgMgmtVersion = (Get-Module PackageManagement -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Version
+    if ($pkgMgmtVersion -lt [Version]"1.3.1") {
+      try {
+        Install-Module PackageManagement -Force -AllowClobber -Confirm:$false -ErrorAction Stop
+        Write-LogHybrid "Updated PackageManagement to latest version" "Info" "Bootstrap" -LogToEvent
+      } catch {
+        Write-LogHybrid "PackageManagement update failed: $($_.Exception.Message)" "Warning" "Bootstrap" -LogToEvent
+      }
+    }
+
+    Import-Module PackageManagement -Force -ErrorAction SilentlyContinue | Out-Null
+    Import-Module PowerShellGet     -Force -ErrorAction SilentlyContinue | Out-Null
+
+    $gallery = Get-PSRepository -Name PSGallery -ErrorAction SilentlyContinue
+    if ($gallery -and $gallery.InstallationPolicy -ne 'Trusted') {
+      try {
+        Set-PSRepository -Name PSGallery -InstallationPolicy Trusted -ErrorAction Stop
+        Write-LogHybrid "PSGallery marked as Trusted" "Info" "Bootstrap" -LogToEvent
+      } catch {
+        Write-LogHybrid "Failed to trust PSGallery: $($_.Exception.Message)" "Warning" "Bootstrap" -LogToEvent
+      }
+    }
+
+    $nuget = Get-PackageProvider -Name NuGet -ListAvailable -ErrorAction SilentlyContinue
+    if (-not $nuget) {
+      try {
+        Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Confirm:$false -ErrorAction Stop
+        $nuget = Get-PackageProvider -Name NuGet -ListAvailable -ErrorAction SilentlyContinue
+        Write-LogHybrid "Installed NuGet provider v$($nuget.Version)" "Info" "Bootstrap" -LogToEvent
+      } catch {
+        Write-LogHybrid "NuGet install failed: $($_.Exception.Message)" "Error" "Bootstrap" -LogToEvent
+      }
+    } else {
+      Write-LogHybrid "NuGet provider already present (v$($nuget.Version))" "Info" "Bootstrap" -LogToEvent
+    }
+
+    try { Import-PackageProvider -Name NuGet -Force -ErrorAction Stop | Out-Null }
+    catch { Write-LogHybrid "NuGet provider import failed: $($_.Exception.Message)" "Error" "Bootstrap" -LogToEvent }
+    #endregion Bootstrap NuGet/PSGallery silently
+}
+# end function Invoke-ScriptMonkey
+
+# Entrypoint
+if ($MyInvocation.InvocationName -eq '.') {
+  # dot-sourced, don't invoke
+} elseif ($PSCommandPath) {
+  Invoke-ScriptMonkey @PSBoundParameters
+} else {
+  if ($args.Count -gt 0) {
+    $namedArgs = @{}
+    for ($i = 0; $i -lt $args.Count; $i++) {
+      if ($args[$i] -is [string] -and $args[$i].StartsWith('-')) {
+        $key = $args[$i].TrimStart('-')
+        $next = $args[$i + 1]
+        if ($next -and ($next -notlike '-*')) { $namedArgs[$key] = $next; $i++ } else { $namedArgs[$key] = $true }
+      }
+    }
+    Invoke-ScriptMonkey @namedArgs
+  } else {
+    Invoke-ScriptMonkey
+  }
+}