10 replies to this topic

[gbrao]

On start up how can a program determine if it is running in a PE or regular Windows (7+)?

 

One way would be to check if the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinPE exists. What's the 'correct' way?

[erwan.l]

just an idea, what about checking if wpeutil exist on the system?

[Wonko the Sane]

Check the Systemsetupinprogress key:

HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress

 

Wonko

[Tokener]

Hello,

two more keys may be of interest.

They are not present on installed NT_6 System but created on PE-boottime:

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\

 

since PE2 (Vista):

PEBootType --> indicates PE running from OpticalDisc or HDD.

Microsoft Info

 

since PE4(?):

PEFirmwareType --> indicates PE running in UEFI mode. (Returns 0x2)

MSDN Info

 

 PEBootType_Flat_PEFirmwareType_2_UEFI.jpg   175.34KB   0 downloads  PEBootType_OpticalDrive_PEFirmwareType_1_Legacy.jpg   182.66KB   0 downloads

 

Regards  T.

[gbrao]

Thanks everyone.

 

 

SystemSetupInProgress = 0 means regular windows

SystemSetupInProgress = 1 means PE, right?

[nguyentu]

You can check the system drive, X: = RamDisk = WinPE

[RoyM]

I'm with nguyentu, But also check Ramdrive against %SystemRoot%, not always X:.

 

If I remember correctly the \SystemSetupInProgress can also be set

via a program that needs a reboot, such as drivers, etc.

 

@ReTokener, Nice Info .

 

Regards

RoyM

[Wonko the Sane]

Thanks everyone.
 
 
SystemSetupInProgress = 0 means regular windows
SystemSetupInProgress = 1 means PE, right?

Yep.

The issue here may be some scripts that re-set that keys to allow some tools/subsystems (that were designed to NOT work in a PE) on a PE and that later *forget* to set it back to 1.

As an example good ol' paraglider's HWPNP plugin correctly changes the key only for the strict time needed (with /r):
http://www.paraglide...ugins/hwpnp.htm
some other tools may just set it to 0 and leave it that way.

I seem to remember vaguely that in order to have the printing subsystem working it must be 0 , so checking that key AND something else may be a good idea.


Wonko

[Vortex]

Hi gbrao,

 

IsWinPE is a small tool to detect if the user is operating under Windows PE ( Preinstallation Environmet ) or Windows. The environment variable ERRORLEVEL is set to 1 if WinPE is detected. Otherwise, ERRORLEVEL is set to 0

 

The tool checks the existence of the key :

HKLM\SYSTEM\CurrentControlSet\Control\MiniNT

test.bat :

IsWinPE.exe

@IF %ERRORLEVEL% == 1 ( @echo Operating in WinPE environment

                      ) ELSE (
                              @echo Operating in Windows environment
                             ) 

Attached Files

•  IsWinPE10b.zip   1.51KB   5 downloads
•  IsWinPE10-64bit.zip   3.74KB   5 downloads

[erwan.l]

next to some registry files:

 

-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinPE

-HKLM\SYSTEM\CurrentControlSet\Control\MiniNT

-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\PEBootType (PE2)

-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\PEFirmwareType (PE4)

-HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress

 

or some files in system folder

-wpeutil

 

one can also check some env variables :

-%systemdrive%=x: 

-%username%=system

-%userprofile%=x:\windows\systemuserprofile...

[steve6375]

Would this be of use?

http://rmprepusb.blo...-winpe-via.html

@echo off
wpeutil UpdateBootInfo > nul
color 1f
for /f "tokens=2* delims=  " %%A in ('reg query HKLM\System\CurrentControlSet\Control /v PEFirmwareType') DO SET Firmware=%%B
:: Note: delims is a TAB followed by a space.
if %Firmware%==0x1 echo WinPE booted in BIOS mode.
if %Firmware%==0x2 echo WinPE booted in UEFI mode.
echo.
pause