Often times users come to my Uninstall OfficeScan 10.6 without a password article looking for a way to get around occasional issues with OfficeScan but don’t want to fully uninstall OfficeScan because their IT department would not be pleased. I can sympathize with both sides as both have work that needs to be done. I’ve had to direct users that I don’t write these articles to help users get around policies that their companies or organizations put in place for good reason. HOWEVER, a good alternative is to simply unload OfficeScan at will. Thanks to a comment from one of the readers of this blog, I am adding the instructions on how to unload OfficeScan 10.6 without a password. The steps are almost identical to uninstalling OfficeScan, but with a few tiny changes, such as the value that gets changed. The steps are detailed below. If you have questions. feel free to comment and we’ll try to get them answered.
1) Reboot computer
2) Log in QUICKLY and run services.msc as fast as possible
3) Set “Trend Micro Unauthorized Change Prevention Service” to DISABLED
4) Run regedit
5) Browse to HKEY_LOCAL_MACHINE\SOFTWARE\
6) Change the value of the Unload_Pwd key to: !CRYPT!
7) Right-click on the Trend Micro OfficeScan icon in your task manager and choose Unload
8) Enter the password “test” without quotes and hit enter
9) Wait about a minute (mine took ~20 seconds but there’s no indicator so slower computers could take longer) and you will see the Trend Micro icon disappear from the taskbar
Alternatively, You can also goto
Run regedit.
>> Browse to HKEY_LOCAL_MACHINESOFTWAREWow6432NodeTrendMicroPC-cillinNTCorpCurrentVersionMisc >> NoPwdProtect & change the value to 1 from 0, This allows to bypass the password check overall .
For me the directory was : HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.
There is nothing in “Wow6432Node”
You have to change it from 0 to 1 in order to bypass it. That worked at least for me
The value in that location on my PC is already set to “0”, but I still get asked for the TrendMicro password. How can that be?
Thanks guys, this really works!!
Much thanks for this note. I used both the steps iterated and Nitrox’s advise and was able to unload.
Whats funny, this is a policy for my office, but what i need to unload is essential to my job
None of these things worked for me. I followed all the steps but still get the “password required” note. And I cannot edit the NoPwd reg-entry.
Anything I missed?
when i try to set the value from zero to 1 it says
“can’t edit:error writing the value’s new content”
what to now?
Look through the comments for ideas on how to get it in save mode or a way that makes the value writable.
can i know what kind of encryption is this??
The encryption is MD5. See my MD5 Hash Generator.
I can’t change the registry value. It says “Error writing the value’s new contents”
Yea, that’s the part mentioned in the instructions and/or comments in this thread about needing to disable a service that keeps you from editing those registry settings. Check the comments for other suggestions on how to get around that. I’m headed to bed. 🙂
please, this is now working for version 11. please, give solution for that version.
James, look elsewhere in this thread for feedback on version 11.
Thanks for suggestions, with some extra twicking to disable the “Trend Micro Unauthorized Change Prevention Service” it works perfectly on version 11
When I try to disable that entry in “services”, it pops right back to “Manual”. ???
Thanks.. this page is really helpful!
Great! Simply you are a star. Worked for me.
Works for previous versions. Please give updated ones for latest version