Thomas said:
currently I boot into Windows XP, and then load a virtual machine and
wait for it to boot. I want to bypass the first login and go
straight to the virtual machine. In other words, it should look more
or less like a normal boot into Windows, but at the end of the
process I end up in a virtual machine instead of having to start the
VM separately.
Put a shortcut to your VM's definition file in your Startup group. For
example, I have a shortcut in a Windows taskbar toolbar to load my test
VM which has as its command line:
"C:\Program Files\Microsoft Virtual PC\Virtual PC.exe" -pc "Windows XP
Pro SP3 (TEST)" -launch
In my case, the "Windows XP (TEST)" is the *name* that I gave my guest.
If the guest's name has spaced, be sure to enclose it in quotes as a
command-line parameter.
If you want to hide the Startup folder item from a user, you could put
the command line in a Run registry key (HKCU if you just want the
current user under which you are logged in to load the command or HKLM
if you want it to load for any account under which a user logs in). You
could also add it as a scheduled event in Task Scheduler with the config
of running the program when you login.
She doesn't do any gaming.
Yet she might run programs that expect usability of the real software
rather than the emulated hardware inside of a VM. All hardware except
the CPU gets emulated.
The requirement for booting directly into the VM is intended to avoid
causing her confusion by making it as transparent to her as possible.
Except that what you get is a windowed application. Even she will
probably recognize that she is NOT in the host OS but instead inside a
windowed guest OS. That means she can still access the host OS and
probably will at some point and end up installing software inside of it.
While VirtualPC has no snapshot feature (as does, for example,
VirtualBox), you can two things: save a backup of the files in the VM's
folder (.vhd and .vmc), or create a differencing disk. Unless you have
regular backups scheduled to run on the host, and unless those backups
are stored somewhere other than on the hard disk where the VMs are
defined (a partition on another hard disk, a removable hard disk,
removable media, etc), you would have to remember to periodically run a
backup to save the current state of the VM's files. Alternatively, you
could just do one backup after you finish tailoring the VM and use that
as your "Baseline" copy of the VM. If the VM's files get changed (like
you do updates to it), you could restore those files from your one-time
backup.
Another means of providing something like a snaphot is to setup a
reference or baseline guest. You install the OS, do the updates to it,
install whatever software you want inside that guest, and then never use
it again. Then you create another guest that actually gets used.
Rather than define its own virtual hard disk, you create a differencing
hard disk. You refer it to the .vhd hard disk file from your reference
guest. That way, even if you manage to update the test guest's hard
disk, you could simply delete that hard disk and create a new
differencing hard disk for the test guest based on the untouched
reference guest's hard disk.
Remember that the VPC user will still get the choice of saving changes
to their emulated hard disk. So using a VM doesn't guarantee that you
end up with an uncorrupted VM. In fact, since she wants to do e-mail or
create other documents, she WILL have to allow updating the guest's hard
disk. Using a differencing hard disk allows you to restore back to a
known baseline state but you will lose all your data files.
If you want to ensure your data files are retained after either
restoring the backed up .vhd and .vmc files or after deleting and
recreating a differencing disk, create another virtual disk inside the
test guest that links to your real hard disk. Then configure your apps
to get their data files from the virtual-to-real hard disk. However,
because you are linking to your real disk outside of the VM, you've just
destroyed any security against malware that will spread to all hard
disks within an OS (and to all virtual disks inside the test guest).
hopefully the transparency will make it easier for her to use.
Then why not use Returnil Home (free) which will restore the prior state
of her host? You can even configure it to load on Windows startup.
That means every hard disk access is virtualized to a "scratch" volume.
When you reboot, any changes made to the virtual disk are discarded and
you start with a fresh copy of your baseline host (i.e., its state at
whenever you decided to enable Returnil). This is useful in school
setups (along with a scheduled event to reboot the host sometime during
off-hours, like at 2AM and when backups aren't scheduled) to ensure the
host is in a known baseline state the next morning. Parents use it to
let their kids **** over their hosts as much as they want knowing the
host reverts back to the baseline state after a reboot. All those
games, activex and other browser add-ons, installed malware, keyloggers,
altered or corrupted registry, browser history, bookmarks to
questionable sites, changing the Start menu, tweaking the desktop or
other Windows changes, or whatever are all gone after a reboot.
It does mean that apps or users must save their data to a different
drive. Returnil Home only protects the OS partition (where you run
Windows) so you can save your data in another partition on the same hard
disk (another drive), on a partition on a different hard disk, on a
USB-attached hard drive, on removable recordable media (CD/DVD-R[W]), or
on a USB flash drive. If configured to load on Windows startup, any
changes the user makes to their host will vaporize when they reboot
their host. You can still install software if you disable Returnil (and
do a reboot), do the installs, and then reenable Returnil's System Safe
mode to load on Windows startup again.
With all hard disk access (for the OS partition only so be sure both
your OS and apps are in the same partition; i.e., on the same drive)
virtualized, you still get to use the real hardware (all memory, real
video card, add-on cards, USB devices, etc) but still have a protected
environment that allows you to revert to a prior known good baseline
state for your host. VPC doesn't support USB devices, you can't
allocate all your memory to a guest, and VMs are always MUCH slower to
run the OS and apps than your real host.
An alternate to Returnil is Microsoft's SteadyState. However,
SteadyState has more parental controls that are probably inappropriate
for an adult that wants to use their own computer. I find Returnil to
be an easier solution, too. They have an active forum if you need to
ask questions and they are responsive if you report problems or bugs.
Currently Returnil will wipe all changes made to the virtualized hard
disk while System Safe mode is enabled. So if you install any software
that requires a reboot then your install disappears on the reboot. So
you can test new software installs while virtualized using Returnil as
long as they don't demand a reboot (some installs request a reboot but
really don't need one). So I test or trial any unknown and untrusted
software inside a VM first. Then I enable System Safe mode in Returnil
and then test or trial it on my real host (if it doesn't require a
reboot). Then I run it on my real host but use Zsoft's Uninstaller to
monitor the installation to help ensure that I get a more complete
uninstall should I decide to remove it later.
Returnil is working on a means of saving the state of the virtualized
hard disk between reboots. They haven't got that feature yet but have
promised it in the next major version. They also claim that it will be
available in the free version. So eventually you can have Returnil load
its System Safe mode on Windows startup, retain changes to the virtual
disk between reboots (to allow installs that require a reboot or let you
shutdown and later power up your host in the same prior state), and
later you can decide whether or not to discard the changes saved to the
virtual hard disk. The payware version lets you, on shutdown, decide to
merge the changes made to the virtual hard disk to your real hard disk;
however, it is still limited in not remembering changes to the virtual
hard disk across reboots. In your case, having the host start at a
fresh baseline state each time the host gets powered on and Windows
starts is probably what you want. When you later decide to install
software, you can first test when virtualized using Returnil. If you
like the software, or already know you must have it, disable System Safe
mode in Returnil, reboot to discard virtualized hard disk changes, and
be in non-safe mode to do the install. Then enable System Safe mode
again (enabling does not require a reboot, just the disabling of System
Safe mode requires a reboot).
You can enable password protection on Returnil so only the admin that
knows the password can change the configuration of Returnil. When you
need to move forward the baseline state of your host by installing
needed software, you enter the password, disable System Safe mode,
reboot, install the software, and reenable System Safe mode and you've
got the new software available but back to a protected environment. Of
course, this means whenever any user of that host wants some software
installed that they have to whine to you to get it done. It also means
you need to ensure that all apps are configured to store the data files
in a partition other than the one (for the OS partition) that is being
protected; otherwise, the users will lose their data after a reboot.
I still use a VM to test untrusted software or to trial unknown
software. If I don't like it, I discard the changes made to it.
However, either because I decide I like the software but want to see it
run on my real host or because it won't install or run inside a VM, I
might [continue the trial and] run the program under Returnil's System
Safe mode. Since I do daily image backups (using Acronis TrueImage) of
my real host, if I go further with the software and install it on my
real host outside of System Safe mode, I can restore from my image
backups.
www.returnil.com
VM's are handy for testing and trialing software or to provide
additional hosts in your network or computing environment. They provide
good security through isolation. But they are definitely slow
performers, VPC doesn't support USB devices, a really old video standard
is emulated, and you don't get to use all your memory for a guest. In
your case, I don't think a VM is the best solution. You want to
virtualize the hard disk changes to allow discarding those changes (but
have the option to make permanent changes) and use your real host.
