Hide KVM/QEMU in Windows 10 guest
Recently I was preparing a Windows 10 VM (in a Proxmox/KVM/QEMU environment) with the specific need to spoof some hardware IDs and evade a VM detection.
You need to remove all references to QEMU/VirtIO devices in the OS (so you should NOT install VirtIO drivers and QEMU guest agent, of course). For Proxmox (hardware) configuration, you can use the following configuration (adapt your /etc/pve/qemu-server/123.conf
where 123
is the VM ID):
agent: 0
args: -cpu host,hv_time,kvm=off,hv_vendor_id=null,-hypervisor
bootdisk: ide0
cores: 2
ide0: ssd:vm-123-disk-0,cache=writeback,model=disk1,size=100G
kvm: 1
memory: 8192
name: testwin10
net0: e1000=46:AE:7E:12:12:12,bridge=vmbr1
numa: 0
ostype: win10
scsihw: virtio-scsi-pci
smbios1: uuid=<uuid>
sockets: 2
vga: cirrus
vmgenid: <uuid>
To adapt this snippet, you need to change vmgenid
and smbios1
with a generated UUID (you can generate a new UUID using uuidgen
command in Linux). Also, you may want to change net0
to bridge the network card to a specific bridge (please also change the MAC Address).
You can find a description for each field in the Proxmox manual.