Windows 11

The first image shows the installed applications.
1- What do I need to remove Edge components?
2- Can I remove Win32WebViewHost? I use Firefox based browser.
 

Attachments

  • edge.jpg
    edge.jpg
    14.5 KB
  • Edge2.jpg
    Edge2.jpg
    286.6 KB
  • Edge3.jpg
    Edge3.jpg
    211.7 KB
Last edited:
luckscent
From my experience, I'd not suggest removing these as they'll create multiple issues for the host OS.

If you want 'EDGEless' ISO like me, then do the following, this way, your system will be EDGE browser-less without any issue

-From Components/Network: Remove/uncheck Microsoft EDGE (Chromium)
Don't remove EDGE (legacy), there are some dependencies for some UWP apps to function properly with this one

-From Components/System Apps: Remove/uncheck Microsoft Edge DevTools Client

-From Settings/Tasks (UScheduler): Edge Update=
Delete
 
Last edited:
Hi! Press Windows + R and type %temp% Press Enter and Search NTLmp-Temp and click program files x86 and delete Microsoft Folder with iObit Unlocker or something and Microsoft Edge and Update and WebView2 will removed (FOREVER!)
 
Last edited:
I don't have a computer in this first situation I can test on, so I was curious if anyone could try this and/or already knows how it works? I was gathering all my bypass tweaks in order to use W11 on my unsupported hardware, and I happened to come across a thread where people talk about needing to do shift+F10 and specifically use MSOOBE\BYPASSNRO rather than "OOBE" without the "MS" prefix? What I'm curious about, is could those affected users change their integrated registry key path from ...\CurrentVersion\OOBE into ...\CurrentVersion\MSOOBE and will that work?

Second question is, if a user tries the unattend XML method for inserting registry keys, how does that work under the hood? I only want to know for learning, because I'm not super experienced with unattend yet and I'd just like to understand what this is physically doing, like is it the same thing as opening shift+F10 during Windows Setup and manually typing "reg add" but the XML just does this for you automatically instead, during setup?
 
W11 RTM shipped with System32\OOBE\BypassRNO.cmd as a "quiet" workaround. Most tech bloggers are sloppy and omit the .cmd suffix, referring to the hack as "OOBE\BypassRNO", since that's what you type.

BypassRNO.cmd:
Code:
@echo off
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassRNO /t REG_DWORD /d 1 /f
shutdown /r /t 0

This is a workaround for users who don't know how to:
- integrate this key into your image's HKLM hive (NTLite)​
- run the reg command from autounattend.xml (many published examples), or Windows\Panther\unattend.xml (Rufus)​

Obviously the reg command must be executed before arriving to OOBE (usually in the "specialize" pass).

BypassRNO.cmd does a reboot, because by the time you regain Shift-F10 access, which is blocked during some parts of OOBE, you're past the checkpoint. Restarting Windows will resume OOBE from before the last reboot, because Windows tracks the last unfinished install stage and continues from there.
 
https://github.com/pbatard/rufus/issues/1981
Code:
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="windowsPE">
     (...)
  </settings>
  <settings pass="specialize">
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" language="neutral" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS">
      <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
          <Order>1</Order>
          <Path>reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f</Path>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>
</unattend>
 
That's not quite what I'm looking for. Let me try to reframe it to match your perspective based on what you wrote.

1) Elevenforum tutorials (link) says that some people have to specifically use MSOOBE\BYPASSNRO because OOBE\BYPASSNRO doesn't work for them, for whatever reasons. What I'm wondering is, does the bypassnro.cmd file inside the MSOOBE path still apply the exact same registry key, or does it instead do as shown below, noting the end of the path having the extra 2 letter prefix.
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MSOOBE]
"BypassNRO"=dword:00000001

In other words, if those people in the MSOOBE scenario were trying to integrate this bypass tweak, would they use the one from the spoiler? I just don't know anything about why/how someone gets into an MSOOBE scenario, so I'm not even sure where to begin on researching that. I assume it has to do with prefab computers, but I've built my own for so long that I have no current hands-on knowledge of the Dell/HP/etcetera realm.

2) Disregard the above for this next question, it's totally seperate...When either the autounattend.xml or panther\unattend.xml are used for this bypass instead of the other methods, how do these files physically and literally execute them behind the scenes? What I mean is, do they take effect before Windows Setup loads the first screen, or do these files just do a simple "reg add" during setup on the fly, exactly the same way a user would manually do it--by using the shift+F10 shortcut to bring up a command prompt and then typing out, reg add blah?
 
The reason most users (including half of ElevenForums' contributors) are wrong, is the actual behavior changed over time.

21H2 introduced the workaround. It works in all instances. But since every tech blogger had a loud mouth, this workaround intended for enterprise clients was widely shared on every site. This undercuts the reach of MS Account, for without one you can't buy a paid OneDrive subscription. MS essentially makes zero off Windows, but OneDrive and O365 subscriptions are the cash cow for Windows Consumer.

22H2 changed this behavior. BypassRNO doesn't work in all instances, especially if Windows already detected there was a valid network connection before you tried rebooting. So people moved to the fake e-mail account hack. But again, too much of the same over-reporting lead MS to block some fake accounts from working, so you need to invent a new fake account.

Like everything in Windows, it's all timing based. The earlier the reg key is inserted (reg hive, specialize pass), the more effective the bypass is. MS is expecting you to think they're stupid, and OOBE\BypassRNO will still work on 22H2 and later. Nope. They changed the logic and now are checking much earlier in the OOBE workflow.

Every time I roll my eyes on ElevenForums, I keep thinking someone should just make a comprehensive test matrix of what works and what doesn't. But half of the crowd is working off tribal knowledge, and doesn't bother to do updated testing.

The bypass check works differently btw 21H2 and 22H2+ releases. A number of times I've forgotten (or mis-applied) the reg in the image, and presumed I could just run OOBE\BypassRNO to get past OOBE – Nope. Which is why when I'm locked out and too lazy to remake the image, I will switch to the Work or School account hack on Pro.
 
Yeah that's why everything I do takes forever, because like you said there's 30 years of mixed tribal knowledge out there at this point, and I'm finding that nowadays the only thing I can trust is my own hands-on testing. There's such a ridiculous amount of "common knowledge" that I've found to be completely untrue, or it changed so radically over the years at Microsoft's hands (and because people misunderstood it originally) that it's reached a point where the only thing that's reliable to me nowadays is a registry comparison tool. I'm spending a lot of time reinventing the wheel, so that I can gain the knowledge I need to do things better than what all these websites and scripts out there keep regurgitating.
 
Last edited:
W11 RTM shipped with System32\OOBE\BypassRNO.cmd as a "quiet" workaround. Most tech bloggers are sloppy and omit the .cmd suffix, referring to the hack as "OOBE\BypassRNO", since that's what you type.

BypassRNO.cmd:
Code:
@echo off
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassRNO /t REG_DWORD /d 1 /f
shutdown /r /t 0

This is a workaround for users who don't know how to:
- integrate this key into your image's HKLM hive (NTLite)​
- run the reg command from autounattend.xml (many published examples), or Windows\Panther\unattend.xml (Rufus)​

Obviously the reg command must be executed before arriving to OOBE (usually in the "specialize" pass).

BypassRNO.cmd does a reboot, because by the time you regain Shift-F10 access, which is blocked during some parts of OOBE, you're past the checkpoint. Restarting Windows will resume OOBE from before the last reboot, because Windows tracks the last unfinished install stage and continues from there.

RNO or NRO?
 
Sorry, NRO which is a verbal pun for "enroll".

If you pronounce it in American English, it sounds like: N ("en") - R ("ar") - O ("oh"). "en"-"ar"-"oh"
 
I made a compilation of some things that appeared on my firewall. Which of these items can I safely block access to?
 

Attachments

  • firewall.png
    firewall.png
    49.6 KB
Back
Top