I have no idea what Windows 11 Latte is. You can set the cores in virtualbox yourself as many as your host hardware allows. Is just resetting the registry not really a good tool to use for "restoring"windows, if there was a virus active at the time of restore point creation it will be active after using that restore point. Going to keep this very short, do not chop windows (the lite hype), it will lead to (unexpected)(future) problems....
Enterprise multi-session = ServerRDSH IIRC, it was also called "Enterprise for Virtual Desktops" at one point.
Not easy to do with the fulle AIO ISOs these days, you can use my tool to only leave the desired index: https://forums.mydigitallife.net/threads/win-iso-wim-esd-swm-handling-tool.78925/ Enterprise multi-session = serverrdsh afaik. as shown here:
Thank you Carlos Detweiller and Enthousiast -- knowing is always better than guessing! How in the world did you guys ever find this stuff out, I can't find anything anywhere from Microsoft that documents this?
enterprise for virtual desktop aka enterprise multi-session aka serverrdsh showed up in 1809 aka 17763 business iso
Enthousiast, you sir, are a gift to these forums -- I can't count the number of times your posts have helped me out, and hundreds if not thousands of others here as well! Your like the Mark Russinovich 2.0 of the MDL forums, you're a pretty amazing guy!
Thanks, makes sense. My workaround for "virus active at the time of restore point" is to run system restore after every internet session. Win 7 system restore is quick and reliable, so it's not inconvenient to run it after every internet session. So I use 7 to operate the hardware, but I'm looking at virtualizing Win 10 (2032 end-of-support for LTSC - what I've been calling "latte") or Win 11 (presumably longer support, if I can get it to work on a Win 7 host). My rationale for virtualizing 10 or 11 is their system restore is not reliable like 7's. If a 10 or 11 system restore fails, then I can use the virtualization software to restore to a snapshot.
I understand what you're trying to do -- I don't like how system restore on 10 & 11 operates either, and don't use it for that reason. But running Windows in a VM isn't the fail-safe sandbox you might think it is, the host OS or Hypervisor has vulnerabilities too, as does the VM software, and there's considerable performance overhead. If you're just testing software all of that makes sense, but for a daily driver setup you're give up a lot perhaps just for something familiar. SSD & FLASH storage are cheap and just get cheaper -- and there's nothing simpler and more straightforward than doing an image backup. Modern image tools and there are a lot of them, are cheap, or FOSS, run on everything, will even do incremental backups. Nothing is 100%, but this gets you pretty close, and takes three big points of failure and doubt out of the equation.
Thanks, I was wondering if I could side-step the hypervisor vulnerability via a double- system restore: (1) first restore the virtual Win 10 or 11 system that was used on the internet; and (2) finish by system-restoring the Win 7 host. Such a double- system restore would prevent the host from getting infected. What if the threat breaks out of the virtual box and infects the host, and the host in turn re-infects the virtual system after it's restored? Maybe that can be prevented by enabling encryption on the virtual system? So it can't be re-infected by the host after running a virtual system restore?
Or maybe I should apply the opposite approach? If I don't browse the internet with the host Win 7 system, then maybe it's safe to enable encryption on it, so it can't be infected by a threat that breaks out of the virtual box?
My op sec protocol is to run system restore after every internet session. After 15 years of surfing the web this way, no threats are detected by Malwarebytes (even after I've encountered some infected websites). Therefore, my favorite daily driver is Win 7, because its version of system restore seems to be the fastest. My internet reading has suggested the Linux versions of system restore are slower and more cumbersome than Win 7's system restore. Since browser support for 7 is fading fast, I'm getting into virtualization to sandbox email and internet browsing in 10 and/or 11. The rationale for virtualizing is the unreliability of system restore in 10 & 11. I'm running this configuration on the Optiplex 7050 with 32gb ram. Simultaneously bare 7 and virtual 10 are lightening fast, with VirtualBox configured to divide system resources equally between host and guest. It's kinda funny how fast this set-up is. It's on a haphazard test machine, therefore primitive HDD instead of modern SSD. It's already lightening fast with the HDD, but will be even better when I get around to setting this up on an SSD. So my set-up differs from that of most dual-booters. I'm running both the bare and virtual systems simultaneously, unlike dual-booting. I'm not sure whether there's any security advantage to encrypting one of the two systems. My fear about enabling encryption is getting hijacked by ransomware. My rationale for not enabling encryption on the bare 7 system was I don't want my hardware drive to be hijacked by ransomware. However, if my internet browsing is done via an unencrypted virtual system, then maybe ransomware won't be able to hijack an encrypted real drive? Can a virtual exploit apply ransomware to the host? Let's flip the script: suppose I encrypt the virtual 10 system and not the bare 7 system. If an exploit escapes the virtualbox and infects the bare 7 system, will I then get a warning that the infected 7 system is now trying to access the encrypted 10 system? Maybe encrypting the virtual system is futile, because the only security threat is a virtual exploit.
Muffin Top I'm not an authority on security in any way shape or form (though I do work with someone daily who is) and while this is quite a digression from the original topic -- in the spirit of all things MDL and helping -- I think there are some things you may wish to seriously consider: Malwarebytes is a very low bar for security -- many of the most onerous exploits weren't detected or even added to the Malwarebytes database (or any other consumer security software) till years after they were in the wild, and in some cases ever -- due to liability. Your biggest vulnerability is your host OS and if it's Windows 7 more so, as it allows unsigned Ring-0 kernel level drivers. A Ring-0 kernel level driver offers an easily exploited single point of complete failure -- and on Windows 7 there's nothing in the way, no signature even required, encryption will not protect you and can even be used against you to more quickly easily permanently hose, or ransom your system. Once in place a Ring-0 exploit can run anything invisibly on the system where neither an Administrative account, MalwareBytes or any security software can see or do anything about it. This can include flip-bit BIOS malware injection (that can never be Re-FLASH/undone) and your system becomes a 'forever' host for every and anything unless you have a rework station and can reball and solder a new FLASH module on your motherboard. Running VMs you have three times the attack surface to vulnerabilities vs just a native OS install running on bare metal: the Host, the VM itself as VMware and VirtualBox run Ring-0 kernel level drivers (their source of past exploit), and the virtualized OS. Linux backup/imaging is generally slow because most popular linux distributions are enormous, larger than a Windows Installation with Microsoft Office and the kitchen sink of games & applications. A lighter weight distro of Linux (or BSD) that's just the OS for hosting virtual machines and a nice GUI will image and back up even on the slowest eMMC storage in seconds. Many security conscious *NIX users don't bother imaging their systems in the traditional Windows sense, and instead use other approaches like an immutable installation and use containers, which can be a lot more efficient and is much more secure. An immutable installation once configured has the core OS files locked down where nothing can hack, infect or change them. As well *NIX operating systems by design don't allow anything third party to run in Ring-0 singed or unsigned (another reason *NIX is a better VM Host). Even signed kernel level drivers have been exploited on Windows 8, 10, and 11, and once done it's the same horrible game over scenario as with unsigned drivers on Windows 7. Thousands of OEMs, software companies, developers, and even governments have requested that Windows not allow drivers or any third party code to run in Ring-0. An especially touchy subject for people working in my industry as Ring-0 drivers used to offer the lowest latency, closest to real-time OS performance, similar to what can be accomplished on OSX with its MACH microkernel -- sadly Windows is now the worst of both worlds due to monetization... So, long term, you might want to consider a different host OS, or using Ventoy where there is no host OS and your just booting containerized file-system images. Your Chickens Your Farm Intellege Quid Agitur
what about X-Lite builds???you have some Xtra lights...I know, the project is not open source, but it's really great build