Table of contents

Uninstall the agent

When you manually uninstall an activated agent from a computer, the computer doesn't notify Workload Security that the software has been uninstalled. On the Computers page in the Workload Security console, the computer's status will be "Managed (Offline)" or similar, depending on the context. To avoid this, in Workload Security, either:

  • Deactivate the agent before you uninstall it, or
  • Delete the computer from the list after you uninstall

Uninstall an agent (Windows)

Before updating or uninstalling an agent or relay on Windows, you must disable agent self-protection. To do this, in the Workload Security console, go to Computer editor > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override.

  1. Deactivate the agent using the Workload Security console by going to the Computers page, right-clicking the computer and selecting Actions > Deactivate.

    If you are unable to deactivate the agent because Workload Security is unable to communicate with the agent, you will need to do the following before continuing to the next step:

    C:\Program Files\Trend Micro\Deep Security Agent>dsa_control --selfprotect 0

  2. Go to the Control Panel and select Uninstall a program. Look for the Trend Micro Deep Security Agent and then select Uninstall.

Alternatively, you can uninstall from the command line:

msiexec /x <package name including extension>

For a silent uninstall, add /quiet.

Uninstall an agent (Linux)

If your version of Linux provides a graphical package management tool, you can search for the ds_agent package and use the tool remove the package. Otherwise, use the command line instructions below.

To completely remove the agent and any configuration files it created on a platform that uses the Red Hat package manager (rpm), such as CentOS, Amazon Linux, Oracle Linux, SUSE, or Cloud Linux, enter the command:

# sudo rpm -ev ds_agent
Stopping ds_agent: [ OK ]
Unloading dsa_filter module [ OK ]

If iptables was enabled prior to installing agent, it will be re-enabled when the agent is uninstalled.

If the platform uses Debian package manager (dpkg), such as Debian and Ubuntu, enter the command:

$ sudo dpkg -r ds-agent
Removing ds-agent...
Stopping ds_agent: .[OK]

Uninstall an agent (Solaris 10)

Enter the command:

pkgrm ds-agent

(Note that uninstall may require a reboot.)

Uninstall an agent (Solaris 11)

Enter the command:

pkg uninstall ds-agent

Uninstall may require a reboot.

Uninstall an agent (AIX)

Enter the command:

installp -u ds_agent

Uninstall an agent (macOS)

Use the built-in DSAUninstaller tool to uninstall:

To uninstall the agent you first need to disable self-protection.

  1. From the terminal, enter cd "/Library/Application Support/com.trendmicro.DSAgent".
  2. Enter sudo ./dsa_control -s 0.

    Self-protection is now disabled.

    To disable self-protection from Workload Security, see Configure self-protection through the Workload Security console for instructions.

  3. Enter sudo /opt/dsa/DSAUninstaller.

"Uninstallation is complete” indicates successful uninstallation.

Uninstall an agent (Red Hat OpenShift)

Enter the command:

helm uninstall ds-agent

Uninstall the notifier

From the Windows Control Panel, select Add/Remove Programs. Double-click Trend Micro Deep Security Notifier, and click Remove.

To uninstall from the command line:

msiexec /x <package name including extension>

For a silent uninstall, add /quiet.