Skip to content

Bump Agent troubleshooter, adding remote access scripts #309

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
silversword411 merged 2 commits into from
Feb 14, 2026
Merged

Bump Agent troubleshooter, adding remote access scripts #309

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4c5d55e
Agent Troubleshooting 1.7
silversword411 Jan 9, 2026
bfb7e05
WIP: Add Remote Access detector and screenconnect detector 1.10
silversword411 Feb 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
77 changes: 77 additions & 0 deletions scripts/Win_TRMM_Troubleshooting_Agent.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
v1.4 5/15/2024 Rework and simplify. Write out logfile
v1.5 6/21/2024 Adding trmm agent to Check-Memorysize
v1.6 8/26/2024 checking mesh for CF proxy
v1.7 1/8/2026 adding defender exclusion list and program files lists to output
#>

param(
Expand Down Expand Up @@ -350,6 +351,74 @@ function Test-ServerConnections {
}
}

function Get-DefenderExclusions {
try {
$preferences = Get-MpPreference -ErrorAction Stop

Write-Output "Path Exclusions:"
if ($preferences.ExclusionPath.Count -gt 0) {
foreach ($path in $preferences.ExclusionPath) {
Write-Output " - $path"
}
}
else {
Write-Output " None"
}

Write-Output ""
Write-Output "Process Exclusions:"
if ($preferences.ExclusionProcess.Count -gt 0) {
foreach ($process in $preferences.ExclusionProcess) {
Write-Output " - $process"
}
}
else {
Write-Output " None"
}

Write-Output ""
Write-Output "Extension Exclusions:"
if ($preferences.ExclusionExtension.Count -gt 0) {
foreach ($ext in $preferences.ExclusionExtension) {
Write-Output " - $ext"
}
}
else {
Write-Output " None"
}
}
catch {
Write-Output "Unable to retrieve Windows Defender exclusions. Error: $_"
}
}

function Get-ProgramFilesList {
$programFolders = @(
"C:\Program Files",
"C:\Program Files (x86)"
)

foreach ($folder in $programFolders) {
if (Test-Path $folder) {
Write-Output "Contents of ${folder}:"
try {
$items = Get-ChildItem -Path $folder -ErrorAction Stop | Select-Object Name, LastWriteTime
foreach ($item in $items) {
Write-Output " $($item.LastWriteTime.ToString('yyyy-MM-dd')) - $($item.Name)"
}
}
catch {
Write-Output " Unable to list contents. Error: $_"
}
Write-Output ""
}
else {
Write-Output "${folder} does not exist."
Write-Output ""
}
}
}

function Check-ServicesAndFiles {
param (
[string]$MeshAgentPath = "C:\Program Files\Mesh Agent\MeshAgent.exe",
Expand Down Expand Up @@ -454,5 +523,13 @@ Write-Output ""

Write-Output "********************* Mesh Memory Size ************************"
Check-MemorySize
Write-Output ""

Write-Output "************** Windows Defender Exclusions ********************"
Get-DefenderExclusions
Write-Output ""

Write-Output "******************** Program Files List ***********************"
Get-ProgramFilesList

Stop-Transcript
Loading