The offline status of the DSA is due to the installed Comodo certificate. To resolve the issue, delete files related to the certificate installed, and reinstall the Comodo certificate:
- Uninstall DSA manually.
- Restart the server.
- Look for the following files or folders, and delete them if found:
- C:\WINDOWS\System32\Drivers\tbimdsa.sys
- C:\WINDOWS\System32\Drivers\tmactmon.sys
- C:\WINDOWS\System32\Drivers\tmcomm.sys
- C:\WINDOWS\System32\Drivers\tmevtmgr.sys
- C:\WINDOWS\System32\LogFiles\ds_agent\
- C:\Program Files\Trend Micro \AMSP\
- C:\Program Files\Trend Micro \Deep Security Agent\Agent
- C:\Program Files\Trend Micro \Deep Relay of Security Settings\Local (Relay)
- C:\Program Files\Trend Micro \Deep Notifier of Security Settings\Local (Notifier)
- C:\ProgramData\Microsoft\Windows\Start Menu \Programs\Trend Micro\
- Deep Security\Trend Micro Deep Security Notifier (for Windows 2008)
- C:\Documents and Settings\All Users\Start menu\programs\Trend Micro\
- Deep Security\Trend Micro Deep Security Notifier (for Windows 2003)
- C:\Windows\Installer\ {4E02FA4C-5238-454C-BBEB-61E314F8EC9A} / (Agent 64-bit)
- From the C:\Windows\inf\setupapi.dev.log file, look for entries containing the following:
- tmcomm.sys
- tmevtmgr.sys
- tmactmon.sys
These entries will enable you to identify if there are any remains of the previous installation. Look for "Installing catalog (any of the three drivers above).cat as:" and note the dates of the installation and the oemXX.inf files used to install these drivers. - Uninstall the existing tmcomm.sys, tmevtmgr.sys and tmactmon.sys by executing "pnputil -d oemfile.inf".
Identify which oemXX.inf files you need to uninstall by reviewing the setupapi.dev.log. - Delete any catalog files for AMSP drivers present in C:\Windows\system32\catroot, which are remains from the previous installations and that were not removed.
Note: These files will be appearing as oem01.cat or oem12.cat.
- Delete old driver files present in the Windows Driver Store, C:\Windows\system32\DriverStore\FileRepository\tmxxxx (folders).
- Install all the Comodo certificates. Make sure to place them in the appropriate store.
- Reinstall the DSA using a freshly downloaded installation package.
- Restart the server.
- Verify that the drivers are present in the Device Manager using non P&P devices. You should see the following drivers:
- tmcomm.sys
- tmevtmgr.sys
- tmactmon.sys
- Deactivate the agent on the DSM to remove the old associations.
- Activate the agent from the DSM again.