Disabling Anti-Malware Solution Platform (AMSP) 1.5 module functions

Support
Solution ID Last Updated
1056748 Date : 2013/08/08 Time:5:58 AM , (PST)


Product/Version Platform
Worry-Free Business Security Standard/Advanced - 7.0;
Windows - 2003 Datacenter Server, 2003 Enterprise Server, 2003 Home Server, 2003 Small Business Server, 2003 Standard Server Edition, 2003 Storage Server, 2003 Web Server Edition, 2008 Datacenter Server, 2008 Enterprise Server, 2008 Essential Business Server, 2008 Small Business Server, 2008 Standard Server Edition, 2008 Storage Server, 7 32-bit, 7 64-bit, Vista 32-bit, Vista 64-bit, XP Professional

Problem Description

Learn how to turn off the different AMSP modules. This is necessary when you are performing isolation and troubleshooting procedures.  

Solution

For the instructions to turn off a specific function, select any of the following:
Note: You can turn off each module on the client side only.
[ Expand All ]

 

Virus Scan Application Program Interface (VSAPI)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10000\<AMSP_version> and rename plugEngineVSAPI.dll (example: plugEngineVSAPI.bak).
  3. Go to ..\Trend Micro\AMSP\module\10000\<AMSP_version>\<module_version> and rename plugEngineVSAPI.dll (example: plugEngineVSAPI.bak).
  4. Reload the Security Agent.

 

Real-time (hooking is still working but you want to bypass the event)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\20001\<AMSP_version> and rename plugAdapterSystem.dll (example: plugAdapterSystem.bak).
  3. Go to ..\Trend Micro\AMSP\module\20001\<AMSP_version>\<module_version> and rename plugAdapterSystem.dll (example: plugAdapterSystem.bak).
  4. Reload the Security Agent.

 

Real-time and hooking

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\20001\<AMSP_version> and rename plugAdapterSystem.dll (example: plugAdapterSystem.bak).
  3. Go to ..\Trend Micro\AMSP\module\20001\<AMSP_version>\<module_version> and rename plugAdapterSystem.dll (example: plugAdapterSystem.bak).
  4. Run these commands:
    sc stop tmactmon
    sc stop tmevtmgr
    sc stop tmcomm
  5. Reload the Security Agent.

 

Spyware Scan Application Program Interface (SSAPI)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10001\<AMSP_version> and rename plugEngineSSAPI.dll (example: plugEngineSSAPI.bak).
  3. Go to ..\Trend Micro\AMSP\module\10001\<AMSP_version>\<module_version> and rename plugEngineSSAPI.dll (example: plugEngineSSAPI.bak).
  4. Reload the Security Agent.

 

Damage Cleanup Engine (DCE)

  1. Unload the Security Agent.
  2. Go to \Trend Micro\AMSP\module\10002\<AMSP_version> and rename plugEngineDCE.dll (example: plugEngineDCE.bak).
  3. Go to \Trend Micro\AMSP\module\10002\<AMSP_version>\<module_version> and rename plugEngineDCE.dll (example: plugEngineDCE.bak).
  4. Reload the Security Agent.

 

Behavior Monitoring (AEGIS)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10004\<AMSP_version> and rename plugEngineAEGIS.dll (example: plugEngineAEGIS.bak).
  3. Go to ..\Trend Micro\AMSP\module\10004\<AMSP_version>\<module_version> and rename plugEngineAEGIS.dll (example: plugEngineAEGIS.bak).
  4. Reload the Security Agent.

 

Trend Micro URL Filtering Engine (TMUFE)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10005\<AMSP_version> and rename plugEngineTMUFE.dll (example: plugEngineTMUFE.bak).
  3. Go to ..\Trend Micro\AMSP\module\10005\<AMSP_version>\<module_version> and rename plugEngineTMUFE.dll (example: plugEngineTMUFE.bak).
  4. Reload the Security Agent.

 

Interactive Cyclic Redundancy Check (iCRC)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10008\<AMSP_version> and rename plugEngineICRC.dll (example: plugEngineICRC.bak).
  3. Go to ..\Trend Micro\AMSP\module\10008\<AMSP_version>\<module_version> and rename plugEngineICRC.dll (example: plugEngineICRC.bak).
  4. Reload the Security Agent.

 

Local Correlation Engine (LCE)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10009\<AMSP_version>\<module_version> and rename plugEngineLCE.dll (example: plugEngineLCE.bak).
  3. Go to ..\Trend Micro\AMSP\module\10009\<AMSP_version> and rename plugEngineLCE.dll (example: plugEngineLCE.bak).
  4. Reload the Security Agent.

 

Local Event Store (LES)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10010\<AMSP_version> and rename plugEngineLES.dll (example: plugEngineLES.bak).
  3. Go to ..\Trend Micro\AMSP\module\10010\<AMSP_version>\<module_version> and rename plugEngineLES.dll (example: plugEngineLES.bak).
  4. Reload the Security Agent.

 

Trend Micro Script Analyzer (TMSA)

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\10011\<AMSP_version> and rename plugEngineTMSA.dll (example: plugEngineTMSA.bak).
  3. Go to ..\Trend Micro\AMSP\module\10011\<AMSP_version>\<module_version> and rename plugEngineTMSA.dll (example: plugEngineTMSA.bak).
  4. Reload the Security Agent.

 

Adapter Bypass

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\20002\<AMSP_version> and rename plugEngineAdpaterBP.dll (example: plugAdpaterBP.bak).
  3. Go to ..\Trend Micro\AMSP\module\20002\<AMSP_version>\<module_version> and ename plugEngineAdpaterBP.dll (example: plugAdpaterBP.bak).
  4. Reload the Security Agent.

 

TM Proxy

  1. Unload the Security Agent.
  2. Go to ..\Trend Micro\AMSP\module\20004\<AMSP_version> and rename plugEngineAdapterProxy.dll (example: plugEngineAdapterProxy.bak).
  3. Go to ..\Trend Micro\AMSP\module\20004\<AMSP_version>\<module_version> and rename plugEngineAdapterProxy.dll (example: plugEngineAdapterProxy.bak).
  4. Reload the Security Agent.


Rate this Solution
Did this article help you?

Please provide your comments to help us improve this solution.

 
  *This form is an automated system. General questions, technical, sales and product-related issues submitted through this form will not be answered.
 
 

Connect with us on