In theory one could emulate TPM inside a virtual machine, but from what I understand there is a key in the TPM that is machine specific. This is how the remote attestation feature works, by checking to make sure the device is "safe" and the software (e.g. music player that only lets you play it for 30 days) running on it has not been modified. This is actually pretty secure, and no logical trickery will get around it, but it's not perfect.
The fundamental flaw of all DRM/TPM systems is that you have the keys. They might make them hard to get by putting them on a separate chip instead of the RAM but a sufficiently skilled attacker with, say, an electron microscope, might be able to extract them. At that point everything is completely broken. In the traditional "Alice, Bob, and Eve" story, Alice is sending a message to Bob and doesn't want Eve to be able to decrypt it, but Bob and Eve are effectively the same person. This is why no DRM scheme can be perfect, just a major nuisance to law-abiding folk.