Windows BareMetal detected 100% #75

Closed
Serpensin opened this issue May 11, 2024 · 2 comments

@Serpensin

Hello.
I just compiled and tested VMAware. On my baremetal Windows 11 machine, it detects "Microsoft Virtual PC/Hyper-V" with 100% certainty.

Here are the checks that flagged "detected":
• Checking 0x4 leaf of VMID...
• Checking RDTSC VMEXIT...
• Checking VM directories...
• Checking MMX instruction set...

I have Hyper-V, VM-Platform, Windows-Sandbox and WSL enabled. I also have Docker Desktop installed, if that helps.

@kernelwernel
Owner

kernelwernel commented May 11, 2024

> Hello. I just compiled and tested VMAware. On my baremetal Windows11 machine, it detects "Microsoft Virtual PC/Hyper-V" with a 100% certainty.
>
> Here are the checks, that flagged "detected":
> • Checking 0x4 leaf of VMID...
> • Checking RDTSC VMEXIT...
> • Checking VM directories...
> • Checking MMX instruction set...
>
> I have HyperV, VM-Platform, Windows-Sandbox and WSL enabled. I also have docker desktop installed, if that helps.

Windows 11 has an obscure feature where applications are run inside Hyper-V by default, even on baremetal (only if Hyper-V is enabled). I've had people tell me this issue before but there's really nothing I can do, because it is in fact running inside a VM.

I'll update the CLI code so it has a note that addresses this confusing Hyper-V fuckery, but yeah I hope this makes it clearer why you got that result.

@kernelwernel kernelwernel pinned this issue May 13, 2024
@kernelwernel
Owner

kernelwernel commented Jun 10, 2024

NOTE: this has been fixed in the latest 1.5 release. Results that detect the Hyper-V brand will assume it's using default virtualisation on a host OS, discarding the result and thus outputting that it's NOT running in a VM.

To enable this mechanism, the --discard-hyper-v flag will need to be provided as an argument to the CLI program.
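
Added example, not part of the thread and not VMAware's code: discarding every Hyper-V result also hides a genuine Hyper-V guest, so this sketch goes one step further than the thread and separates the root partition (the Windows host running on top of its own hypervisor) from a child partition. It assumes the Hyper-V CPUID interface as documented by Microsoft (vendor string in leaf 0x40000000, CreatePartitions privilege in EBX bit 0 of leaf 0x40000003); all type and function names are hypothetical and the register values are constructed.

```cpp
// Added example (not VMAware code). CPUID register values are passed in as
// data so the decision logic can be exercised on constructed snapshots.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>

struct CpuidRegs { uint32_t eax, ebx, ecx, edx; };
enum class HvRole { NoHypervisor, OtherHypervisor, HyperVGuest, HyperVRoot };

// Leaf 0x40000000 carries the 12-byte hypervisor vendor string in EBX:ECX:EDX.
std::string vendor_of(const CpuidRegs& r) {
    char s[13] = {0};
    std::memcpy(s, &r.ebx, 4);
    std::memcpy(s + 4, &r.ecx, 4);
    std::memcpy(s + 8, &r.edx, 4);
    return s;
}

// Hypothetical helper: builds a constructed leaf 0x40000000 snapshot.
CpuidRegs make_vendor_leaf(const char* vendor, uint32_t max_leaf) {
    char buf[13] = {0};
    std::strncpy(buf, vendor, 12);
    CpuidRegs r{max_leaf, 0, 0, 0};
    std::memcpy(&r.ebx, buf, 4);
    std::memcpy(&r.ecx, buf + 4, 4);
    std::memcpy(&r.edx, buf + 8, 4);
    return r;
}

// leaf1: CPUID 0x1 (ECX bit 31 = hypervisor present)
// hv0:   CPUID 0x40000000 (EAX = highest hypervisor leaf)
// hv3:   CPUID 0x40000003 (EBX bit 0 = CreatePartitions privilege, which
//        Hyper-V grants to the root partition only)
HvRole classify(const CpuidRegs& leaf1, const CpuidRegs& hv0, const CpuidRegs& hv3) {
    if (!(leaf1.ecx & (1u << 31))) return HvRole::NoHypervisor;
    if (vendor_of(hv0) != "Microsoft Hv") return HvRole::OtherHypervisor;
    if (hv0.eax < 0x40000003u) return HvRole::HyperVGuest;  // cannot prove root
    return (hv3.ebx & 1u) ? HvRole::HyperVRoot : HvRole::HyperVGuest;
}

int main() {
    CpuidRegs leaf1{0, 0, 1u << 31, 0};                     // constructed values
    CpuidRegs hv0 = make_vendor_leaf("Microsoft Hv", 0x4000000Bu);
    CpuidRegs host_hv3{0, 0x1u, 0, 0}, guest_hv3{0, 0, 0, 0};
    std::printf("host-like:  %d\n", static_cast<int>(classify(leaf1, hv0, host_hv3)));
    std::printf("guest-like: %d\n", static_cast<int>(classify(leaf1, hv0, guest_hv3)));
    return 0;
}
```

A HyperVRoot result does not rule out nested virtualisation, since a guest that itself runs Hyper-V is the root partition of its own nested hypervisor.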
