Basically there is a pre-scan that you run that will check if WPS is "locked" or "unlocked". This only takes a couple mins. If it is unlocked you can then do the attack(2-12hrs) or scan against it that will discover the WPS pin and in turn the WPA passphrase.
Some routers only disable the WPS button when you select disable WPS. Others will disable it completely. The worst part is as that this vulnerability has been around since 2012 and still not patched on almost all routers. I realize most home users do not regularly update the firmwares on their routers so there may be some mfg's that have patched. I see several bellxxx networks in my range. Those are routers provided by Bell and they also have "Unlocked" WPS keys.