Dear QEMU developers, I hope this message finds you well.
My goal is to run a Windows virtual machine in such a way that software like Safe Exam Browser (SEB) cannot detect that it’s running inside a virtual machine. Currently, I’m using QEMU with virt-manager on Arch Linux to run a Windows 10 guest. I want to hide **all** virtualization traces — including BIOS strings and firmware signatures. The only remaining field that still exposes the VM is the BIOS version string. When running the following command inside the Windows guest: wmic bios get BIOSVersion I get the output: BIOSVersion {"BOCHS - 1", "unknown", "EDK II" - 10000"} The presence of “BOCHS” and “EDK II” are strong indicators of virtualization and are easily detected. Here is what I’ve already done: 1. Modified the libvirt XML configuration. 2. Built my own `OVMF_CODE.fd` and `OVMF_VARS.fd` using the [tianocore/edk2](https://github.com/tianocore/edk2) repository. I removed all references to BOCHS and EDK inside the firmware. 3. Installed a clean Windows 11 system via ISO in this customized environment. I switched to QEMU because VMware and VirtualBox don’t offer deep enough control over SMBIOS or firmware — e.g., `SMBIOS.reflectHost = "TRUE"` doesn’t help. This is my first time working this deeply with VMs, and despite days of effort, I still haven’t succeeded. I’m reaching out to the experts here in hopes that you might point me in the right direction or offer a better method for achieving full VM concealment. For your convenience, I’ve uploaded all the relevant files and details [here](https://t.me/qemuvmwin10) for further inspection. Thank you so much for your time and for maintaining such a powerful project. Best regards, Mukhammadiev Samandar