RDTSC-KVM-Handler VS pafish

You really ought to look into "VM hardening". Granted, it is not as simple as a one-button click thing, but bypassing VM detection is quite well established nowadays. Here's one link to get you started: https://github.com/WCharacter/RDTSC-KVM-Handler

I don't see any practical way they can detect qemu that can't be patched.

Here's one patch that supposedly works with battleeye: https://github.com/WCharacter/RDTSC-KVM-Handler

The current situation is that they could probably use server-side heuristics to detect players behaving oddly, review the case, and ban according.

But also I wouldn't be surprised if there were already bots using machine learning to autoaim based on video signal out of the PC with aiming done as a "real" HID mouse.

If we can train a car to drive, we can certainly train a computer to find and click faces in cod.

I applied this patch. I don't know with which games does it help. I wanted to check if it works with Valorant but i can confirm that it doesn't. I think it was made to help with games like Rainbow six. https://github.com/WCharacter/RDTSC-KVM-Handler

And I tried this vmx.c & svm.c from that github : RDTSC-KVM-Handler

I've used patches previously to bypass this check: WCharacter/RDTSC-KVM-Handler, however now Windows sees my CPU clock as 200Mhz. That isn't too bad, as it doesn't affect performance anyway.

patch kernel using this: https://github.com/WCharacter/RDTSC-KVM-Handler

I recommend that you swap your kernel patch to my version, assuming the one you used was this. Mine will report more realistic values than that one.

Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.

You can do it however that requires extensive Research. There are Things such as https://github.com/a0rtega/pafish That Help you get the First detection vectors sorted. However hate to say it but youll be better off actually coding a "Cheat" that Patches the vm Checks the Game does in Order to Play.

Yes. For example: https://github.com/a0rtega/pafish

You can check what thing are detected by using -> https://github.com/a0rtega/pafish Normally VM Exit and Virtual Input devices are detected. But it still works for 99% of the games.

I have been working on obfuscating my vm, the results are mixed... A good start is to use paranoid fish , tools gives you an idea how it detects vm's :)

So I suppose that it depends on the malware. Some malware doesn't want to take the chance of being reverse engineered, so when it's aware that it is in a virtual machine, it might shut down. pafish has functionality for working out whether-or-not it is running in a VMware instance.

Last time when I tried to run Valorant just BSoD the VM Everything else works (EAC, BE, Ricochet, etc...). You can test if your VM can be detected using this tool.

Does soft as pafish https://github.com/a0rtega/pafish will detect RDTSC VM exit on wraped WinVM?

You can use pafish to test vm detection methods. https://github.com/a0rtega/pafish