Link to home
Avatar of James Gordon
James Gordon

asked on

Prevent vmmem from running.

After Windows 10 startup a process called VMMEM runs for approximately 2 minutes, utilizing around 75% of CPU. Aside from the resource intensive nature of this process, what is even more absurd is that I am not running any virtual machine that I am aware of. This problem only started to appear in the past month. Prior to that I have used Windows 10 for 2 years and never saw this process running on my machine. I have searched Google for a way to prevent this to no avail. Although my machine boots in 30 seconds I must wait 2 minutes while nothing useful is happening.

I need a way to prevent this process from running.
Avatar of Alex
Alex
Flag of United Kingdom of Great Britain and Northern Ireland image

Are you running docker or Kubernetes in a virtual machine or something??


Also, if you go to services.msc, right click the service and find the location it's running from.


SC Query VMMem may find it also


If not let me know, you should be able to disable the service that runs it.

Please verify if the hyper-v feature is installed. If so, but you have no VMs, it could be that OS features that rely on virtualization based security are in use, that you are not aware of.

Avatar of James Gordon
James Gordon

ASKER

to McKnife,
the checkbox for hyper V is empty in my system characteristics.

Please download and open process explorer from  https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer and start it using right click and selecting "run as administrator". In its list, find and double click that vmmem and see if in its details on the tab "image" it says "Parent: vmwp.exe".

More: That check is meant to determine the legitimacy of the process. If you have no hyper-v installed, it shouldn't be there, after all, unless you are using related technologies.

To McKnife
the image of process Explorer output is attached. The checkbox for hyper V is not checked in my system characteristics.
I think it is important to note that this problem only started to occur one month ago. I never saw vmmem before that and I have been using Windows 10 since it was 1st released.
Do you need more information?
Thanks, JamesUser generated image

Seems to be legitimate.

You would expect to see vmmem whenever a VM is running.


You should investigate what other non-default windows features are installed on your machine. Maybe "virtualization based security" is in effect -  https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs

None of the advanced information provided by the link you sent applies to my system. As I said, this started happening one month ago.
Firstly, let me say that it is obvious to me that you are an accomplished troubleshooter, you have done excellent research and you know what you're talking about.

I have no special security requirements, no non´-default Windows features installed and there has been  no new software installed during this month.

Correct me If I am wrong but it seems logical, based on the information you have provided, that the presence of vmmem is not legitimate. As there always is. however, there must be a logical explanation. As Sherlock Holmes says, when all of the likely possibilities have been excluded, what remains must be the answer. I think that all possibilities have been excluded, so, what remains is the question.

James
ASKER CERTIFIED SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Thank you, McKnife.

I am eager to know whether msinfo32 showed that " Virtualization-based security" was active, after all, James.