Tips and Tricks for working with Windows PE 2.1

Sunday, April 13, 2008

Windows PE Read AND Write the Registry?

I have many different variants of WinPE with varying installation media. One of my most recent versions is a Windows PE 2.0 installed to a hard drive. There are many benefits to this, the first of which is how fast it boots. With this particular machine it boots on average in about 3-5 seconds. Yes, that's seconds.

One of the many problems with PE is that the registry can be written to while it is booted, but when the system reboots it discards all of the changes made to it. For the primary purpose of PE this is not an issue; however, for those of us looking to expand PE's capabilities and searching for a version of Vista that is actually fast, this can be an obstacle to bypass.

With Vista's new form of boot.ini, called the BCD, many of the primary boot options are set with basic command-line switches. One of the entries in the BCD is simply called "winpe". This is the switch that previous versions called "MININT". When it is enabled, this switch causes the configuration manager to load the registry hives as volatile, so that any changes made to them are not saved to the original hives. The command as executed for the BCD would look like this:

    C:\>bcdedit /set {7619dcc8-fafe-11d9-b411-000476eba25f} winpe No

The primary issue with this is that once the registry is writeable the boot process changes. The system will no longer simply boot as it did previously. Once winpeshl.exe is executed, it attempts to operate as it did previously, with read-only hives. A quick, easy way to bypass this problem is simply to replace winpeshl.exe with a shell of your choice. To do this quickly, you can simply rename your shell executable to "winpeshl.exe" and then it will be launched.

I will continue to post about this in the future as I continue to explore down this path with the hard drive installation of WinPE.
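To check which boot loader entries in a BCD store have the "winpe" element set, and so whether their registry hives load as volatile or persistent, the text that bcdedit prints can be parsed. This is an added example, not code from the original post: the function name Get-BcdWinPeState is hypothetical, the sample text is constructed (reusing the GUID from the post), and English-language bcdedit output is assumed.

```powershell
# Added example. Get-BcdWinPeState is a hypothetical helper, not a built-in cmdlet.
# Assumes English-language bcdedit output (section titles and Yes/No are localized).
function Get-BcdWinPeState {
    param([string[]]$Lines)
    $entries = @()
    $current = $null
    for ($i = 0; $i -lt $Lines.Count; $i++) {
        $line = $Lines[$i]
        # A section is a title line followed by a line of dashes.
        if ($i + 1 -lt $Lines.Count -and $Lines[$i + 1] -match '^-{3,}\s*$') {
            if ($null -ne $current) { $entries += [pscustomobject]$current }
            $current = [ordered]@{ Type = $line.Trim(); Identifier = $null; WinPE = 'not set' }
            $i++    # skip the dashes
            continue
        }
        if ($null -eq $current) { continue }
        # Element lines are "name<spaces>value"; indented continuation lines are ignored.
        if ($line -match '^(\S+)\s+(.+?)\s*$') {
            switch ($Matches[1]) {
                'identifier' { $current.Identifier = $Matches[2] }
                'winpe'      { $current.WinPE      = $Matches[2] }
            }
        }
    }
    if ($null -ne $current) { $entries += [pscustomobject]$current }
    $entries | Where-Object { $_.Type -eq 'Windows Boot Loader' }
}

# Constructed sample of bcdedit enumeration text; the GUID is the one used in the post.
$sample = @'
Windows Boot Manager
--------------------
identifier              {bootmgr}
description             Windows Boot Manager

Windows Boot Loader
-------------------
identifier              {7619dcc8-fafe-11d9-b411-000476eba25f}
description             Windows PE
winpe                   No
'@ -split "`r?`n"

Get-BcdWinPeState -Lines $sample | ForEach-Object {
    $state = if ($_.WinPE -eq 'Yes') { 'volatile hives, changes discarded at reboot' } else { 'persistent hives, changes survive reboot' }
    '{0}  winpe={1}  ({2})' -f $_.Identifier, $_.WinPE, $state
}
# Against a live store, from an elevated prompt: Get-BcdWinPeState -Lines (bcdedit /enum all)
```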