VMware Communities
jimbananas
Contributor
Contributor
Jump to solution

Can you hide virtual machine from a program?

I have been trying to play Sword of the New World on an xp virtualized platform. I think I finally had it working because Direct X 9 is running well and it didn't crash on start up. However this is an online game and the online security and anti-hacking measures picked up that it was being run in a virtual machine and it said something to the effect of, "Sorry, you cannot run this program in a virtual machine." I think that a program shouldn't be biased against virual machines, afterall, what did they ever do to it? The program is called x-trap BTW. I don't want to try to work around x-trap by disabling it or whatever because that could jeapordize my account. I would however like to know if I can hide the fact that the game is running in a virtual machine from the game.

Any suggestions would be appreciated and thank you in advance.

Reply
0 Kudos
1 Solution

Accepted Solutions
continuum
Immortal
Immortal
Jump to solution

Next you must provide infos ...

That app in question may check for

  • detect the VMware-backdoor - can be disabled by mentioned line in vmx

  • check for typical virtual hardware - oh dear - this is tricky to prevent - find out what device exactly it scans for - maybe there are ways

Also read my notes on isolation parameters for the vmx-file - experiment with several of those - see my site > vmx > advanced > isolation

___________________________________

VMX-parameters- VMware-liveCD - VM-Sickbay


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

View solution in original post

Reply
0 Kudos
20 Replies
continuum
Immortal
Immortal
Jump to solution

there are several ways for apps to find out that they are running inside a VM ...

try to add this line to your vmx-file

monitor_control.restrict_backdoor = "true"

___________________________________

VMX-parameters- VMware-liveCD - VM-Sickbay


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

jimbananas
Contributor
Contributor
Jump to solution

Thank you for your answer, and I tried inserting that line in my vmx file, but it didn't seem to work. Thank you for any other ideas.

Reply
0 Kudos
continuum
Immortal
Immortal
Jump to solution

Next you must provide infos ...

That app in question may check for

  • detect the VMware-backdoor - can be disabled by mentioned line in vmx

  • check for typical virtual hardware - oh dear - this is tricky to prevent - find out what device exactly it scans for - maybe there are ways

Also read my notes on isolation parameters for the vmx-file - experiment with several of those - see my site > vmx > advanced > isolation

___________________________________

VMX-parameters- VMware-liveCD - VM-Sickbay


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

Reply
0 Kudos
jimbananas
Contributor
Contributor
Jump to solution

You pages on isolation did it!

This is the string that I am using so the Virtual Machine isn't recognized:

monitor_control.virtual_rdtsc = "false"

monitor_control.restrict_backdoor = "true"

isolation.tools.getPtrLocation.disable = "true"

isolation.tools.setPtrLocation.disable = "true"

isolation.tools.setVersion.disable = "true"

isolation.tools.getVersion.disable = "true"

monitor_control.disable_directexec = "true"

I actually think that it is just that last one that did it, but since everything is working as I want it to I might just leave it.

Thanks, again.

Reply
0 Kudos
continuum
Immortal
Immortal
Jump to solution


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

Reply
0 Kudos
lauksas
Contributor
Contributor
Jump to solution

man, I need to run the same program, beu when I start the VM with this parameters, it just keep freenzing and dos not start de OS. I'm using windows XP, so I gess you used XP too.

Can you help-me?

Reply
0 Kudos
continuum
Immortal
Immortal
Jump to solution

last time Jim was here was in 2009 Smiley Wink - if you wait for him you need a lot of patience

post your vmx-file - maybe I can help

if that game now uses nprotect gameguard you are out of luck


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

Reply
0 Kudos
jimbananas
Contributor
Contributor
Jump to solution

Strangely enough, I do check in once in a while for curiosity sake.

Also strangely enough, when I first set up my virtual machine I set up two at the same time in the exact same way.  One of them worked with SOTNW and one of them didn't.  I would simply suggest starting over and trying again.

I recently just started a new virtual machine in just this way with Windows XP and it runs sword 2 fine.  So I am 2 for 3 (wish chipping had that high of odds, ha ha).

Don't know what else to tell you other than that the people on the forums here are very helpful, so they can probably give you more help than I can.

GL

Reply
0 Kudos
lauksas
Contributor
Contributor
Jump to solution

Hey Man, thanks for the awnser and soru about the delay... some problem wiht life... lol

So I suceded to "hide" the virtual machine, and the software opened. This software is a hacker protect for a game, and was show an error that can't run inside a VM. So, the X-trap didn't detected the VM with the parameters:

monitor_control.virtual_rdtsc = "false"

monitor_control.restrict_backdoor = "true"

isolation.tools.getPtrLocation.disable = "true"

isolation.tools.setPtrLocation.disable = "true"

isolation.tools.setVersion.disable = "true"

isolation.tools.getVersion.disable = "true"

monitor_control.disable_directexec = "true"

O took one or two, don't remember witch one, I had to delete, because the windows XP don't started with this options, and I had to delete the virtual machine for HD space reasons Smiley Sad.

But the thing is, the aplication started, I mean, but all 3D of it gone black, some parts worked but when it I loged in the server and the game realy initiate to load, the VM stoped working after that, and gave up. But if you have any ideas, I'm all ears :smileygrin:

Thanks again.

Regards.

Reply
0 Kudos
jimbananas
Contributor
Contributor
Jump to solution

I am by no means an expert on these things.  The people with all the posts and the thanks are the ones to ask about 3d rendering questions.  I would only guess at what they know much better than I.

If you had it running though, and if it got by the x-trap errors then you have everything set up correctly as far as the game goes.  I think after that it's just access to the video card i.e. make sure you have vmware tools installed and allow the virtual machine access to your graphics card so it can run direct x and what not.

That's about all the help I can give, look to the experts for more Smiley Happy.

Reply
0 Kudos
continuum
Immortal
Immortal
Jump to solution

try without these two

isolation.tools.getPtrLocation.disable = "true"

isolation.tools.setPtrLocation.disable = "true"

attach a vmware.log after you removed those two lines


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

Reply
0 Kudos
Faize
Enthusiast
Enthusiast
Jump to solution

What does the line monitor_control.virtual_rdtsc = "false" do?

On a Windows 7 x64 guest there's no problem but on a Windows XP guest I get a BSOD immediately after the BIOS screen.

Reply
0 Kudos
admin
Immortal
Immortal
Jump to solution

Faize wrote:

What does the line monitor_control.virtual_rdtsc = "false" do?

It tells the hypervisor not to virtualize the time stamp counter.  The physical value is passed on to the guest instead.  This is not recommended.

Reply
0 Kudos
olympic
Contributor
Contributor
Jump to solution

how to do that sir? can you tell me where to find vmx-file is? sorry i newbie here. and just asking for a help,since i not good with sofware or program.

if someone can,pls tell step by step how to do that. i really appreciate itSmiley Happy

Reply
0 Kudos
WoodyZ
Immortal
Immortal
Jump to solution

olympic wrote: how to do that sir? can you tell me where to find vmx-file is?

Have a look at: Tips for editing a .vmx file

Reply
0 Kudos
olympic
Contributor
Contributor
Jump to solution

ok.i found it.thx for repply.Smiley Happy

Reply
0 Kudos
cndg6
Enthusiast
Enthusiast
Jump to solution

The cpuid is another one - here's the complete list of things to add to your VMX file:-

monitor_control.virtual_rdtsc = "FALSE"
monitor_control.restrict_backdoor = "TRUE"
isolation.tools.getPtrLocation.disable = "TRUE"
isolation.tools.setPtrLocation.disable = "TRUE"
isolation.tools.setVersion.disable = "TRUE"
isolation.tools.getVersion.disable = "TRUE"
monitor_control.disable_directexec = "TRUE"
hypervisor.cpuid.v0 = "FALSE"

 

Reply
0 Kudos
Trisshado
Contributor
Contributor
Jump to solution

Hi! I just found this article after many other ones. I am a 100% newbie to all of this. However I want to bypass a message "Sorry this application cannot run under a virtual machine" for a game I play. This way I can start up multiple accounts and farm 'Cows'. I used to 'just' edit the registeryeditor (Something with SystemBiosVersion and VBOX-1 to NOBOX-1) untill the game patched this method. 
Sadly after reading multiple articles I haven't found anything I understand. 
I am running windows 10 and running windows 7 64 on the VM.

Could anyone help me with this? I am even willing to pay for the service 🙂

Add me on discord: Trisshado#4470
Or just type it here 🙂

Kind regards, 
Tristan

Reply
0 Kudos
Amelia4278
Contributor
Contributor
Jump to solution

In short, I think you just cannot. It's the discussion about malware trying to detect if it is running in a VM to avoid being detected by systems that use VMs to run code to check for malware.

Reply
0 Kudos