Vapm exe что это за процесс

What is vapm.exe?

The genuine file is a software component of Kaspersky Security Center Network Agent by Kaspersky Lab .
«VAPM.exe» is the Vulnerability Assessment and Patch Management component of two products by Kaspersky Labs North America: Kaspersky Security Center (KSC), which runs on Windows Server, and Kaspersky Endpoint Security (KES), both for enterprise networks. It first appeared in Version 10. It works with «klnagent.exe», the Kaspersky Network Agent, to detect and allow pushing of patches or bug fixes to applications. It installs in a subfolder of «C:\Program Files» and use of the Control Panel «Uninstall» applet to remove «klnagent.exe» will remove it. In 2013, the combined CPU consumption of «VAPM.exe» and «klnagent.exe» often approached 99% and drastically slowed computers across installations. It is not clear whether this was corrected. Kaspersky Lab North America, founded in 2004 by CEO Eugene Kaspersky and others already working with him in pioneer anti-virus research, is the world’s largest privately-owned cybersecurity company and one of the fastest-growing, based in Massachusetts, USA with offices in 32 countries.

The .exe extension on a filename indicates an exe cutable file. Executable files may, in some cases, harm your computer. Therefore, please read below to decide for yourself whether the vapm.exe on your computer is a Trojan that you should remove, or whether it is a file belonging to the Windows operating system or to a trusted application.

Vapm.exe file information

Vapm.exe process in Windows Task Manager

Что за процесс vapm.exe?

Обычно, vapm.exe это часто антивируса Касперского, точнее, часть Kaspersky Security Center, который курирует в организации установленные у пользователей локальные модули.

Во время оценки уязвимостей, может занимать много места в памяти и много процессорного времени. Обычно рекомендуется обратится к администратору антивирусной безопасности вашей организации.

Если это на домашнем компьютере, стоит влезть в Центр Управления Касперского и посмотреть — чем это он так занят.

А вот если у вас нет никаких продуктов Касперсий Лаб, то можно начать беспокоится.

Vapm exe что это за процесс

+ ВЕРХНИЙ / в нижнем регистре
VAPM.EXE / vapm.exe
+ Путь установки
C:\Archivos de programa\Kaspersky Lab\NetworkAgent\vapm.exe
+ Описание файла
Kaspersky Administration Kit Vulnerability Assessment & Patch Management Component
+ версия
10.0.3361.0
+ Наименование
Kaspersky Security Center
+ Комментарии
Empty Value.
+ разработчик
Kaspersky Lab ZAO
+ авторское право
© 2013 Kaspersky Lab ZAO. All Rights Reserved.
+ файл MD5
5683f0fb434860c233ef26d99b3818fb

Распределение Операционная система
Windows XP — 100%

Распределение Язык Операционной Системы
01 Испанский (Испания)

Kaspersky Endpoint Security 10 and vapm.exe

I’ve noticed vapm.exe running on computers with KES 10(.1 and .2) when users have been reporting slowness. That process is called «Kaspersky Security Center Vulnerability Assessment & Patch Management Component»

I use WSUS and Group Policy to manage patching so I don’t need KES to do it.

I’ve turn off Vulnerability scan a long time ago because of slowness it creates. The task for every policy related to this is set to «Manual» and there are no scheduled tasks to run it.
In the Properties of the installation packages, I’ve unchecked Vulnerability Monitor but vapm.exe still runs on new installations.

How can I stop vapm.exe from running on ALL machines KES is protecting? I can’t have it running out of control.

Bill Morrow

Enter to win a BMC Bluetooth Speakers & Meta Quest 2

MikeJT

Close the «lock» in the option «Scan executable files for vulnerabilities when starting them» and apply the policy.

25 Replies

iTrick

Do you have Vulnerability Scan turned off on every sub-policy you have, as well as the one within Managed Computers? You also mentioned you have a separate task for running vulnerability scans manually, but you have «Run Missed Tasks» toggled to off? See http://support.kaspersky.com/9760 .

Also, c lose the «lock» in the option «Scan executable files for vulnerabilities when starting them» and apply the policy.

OP Bill Morrow

It’s off (unchecked) on the top-level policy (see image) as well as the lower level groups (looks same up frosted-out.)
I turned «Run Missed Tasks» off earlier in the week thinking that was what was causing it. I deleted the scheduled task long ago.

On new installations, VM isn’t installed but it still shows up in Tasks for the computer.

While the CPU shows 00, it doesn’t stay that way.

iTrick

What if you force synchronize the policy onto the clients? Also, have you rebooted a test client VM / machine to see if it continues to run afterwards? It may just need a refresh.Technically, unless there is something really abnormal going on, those steps should have stopped it from running.

I can’t visibly see it, but is that example client running under the policy? Task Manager is covering it up. I’ve had instances where the client wasn’t running under the policy, causing components to run although they were disabled.

OP Bill Morrow

Policies I changed did synchronize. I was able to confirm the computer name in the results list. No change when I force synch. vapm was still running. It comes back if I end process, too.

The computer in the screenshot just had KES 10.2 reinstalled on it with VM unchecked from the installation package and rebooted at least twice. It is running under a policy, I moved Task Manager over the area of the showing doman\username.

The only enabled Protection on that computer is File AV, Mail AV, Web AV, Network Attack Blocker, and System Watcher.

The only tasks on the computer are a scheduled scan, custom scan, and scheduled update for the group that computer belongs to.

iTrick

Hm. I’m stumped. At this point, you may want to either send Ray @ Kaspersky a PM, contact your Account Manager / Channel Systems Engineer, or Kaspersky Support.

Sorry I couldn’t be of more help.

OP Bill Morrow

It’s even more of a mystery now.

Saw a post on the Kaspersky forum about the same thing (from last fall) and the solution was to remove the task from the «Managed Computers» group. I did that a while ago (days, not minutes ago.)

On my computer, I started the task. I can hear my drive churn. vapm.exe is at 0 while avp.exe is is fluctuating. Is vapm controlled by something else?

Vapm is coming from vulnerability module being installed. the process will load but you will notice it takes up no CPU consumption. The process is awaiting commands either by you enabling vulnerability monitor or by a task execution that may be scheduled at security center. You can modify your installation package to not include vulnerability monitor at all.

OP Bill Morrow

Ray, that is unchecked in my packages, I made those changes yesterday. The previous screenshot was taken after I reinstalled KES with the new package settings. vapm is still there and does take cpu from time to time (checking in perhaps?).

OP Bill Morrow

Is it possible that vapm is a leftover from the initial installation that had VM in the packages?

iTrick

I’ve been doing some research on this topic because I’m curious as well why vapm.exe would still be running after disabling those options previously noted, and I found this thread: http://forum.kaspersky.com/lofiversion/index.php/t258117.html which, if you scroll to the bottom, shows that the user had to perform a driver update on Intel Matrix Storage, then the problem disappeared. So, could it be a driver issue? I’m not sure, but it’s worth a shot, especially if you are running Kaspersky on devices of the same build.

OP Bill Morrow

Again with iastor?

I have a couple new machines to build. Now that the settings are refined in the console, I’ll be able to see if it appears on a clean install.

iTrick

Bill Morrow wrote:

Again with iastor?

I have a couple new machines to build. Now that the settings are refined in the console, I’ll be able to see if it appears on a clean install.

Sounds like this isn’t your first time having problems with that .sys file. Sure, sounds good. Keep me posted because I’d like to know myself for future reference. 🙂

OP Bill Morrow

Installation package has Vulnerability Monitor UNchecked. Clean install on new, out-of-the-box laptop and vapm.exe appears in Task Manager. Haven’t noticed it running.

Guess it’s not tied to the Vulnerability Monitor like I thought. If it’s not tied to the core product, that leaves: File AV, Mail AV, Web AV, Network Attack Blocker, or System Watcher.

I would like to know what it’s doing in case it goes out of control, I’ll know how to stop it or at least, where to look.

Bill, was this issue ever resolved for you? If so, please mark the best answer, or tell us what eventually worked for you. Thanks!

Kaspersky Group Admin

OP Bill Morrow

No, I’m still at a loss as to what vapm does and why/how it appears on installations without Vulnerability Monitor installed.

MikeJT

Bill, have you disabled all the vulnerability settings in your Network Agent policy? I had to do this. Previously we did not have an agent policy, but after updating I wanted to kill this process so I created one and turned off all vulnerability settings in netagent policy.

OP Bill Morrow

That is off (unchecked) and has been for a long time.

MikeJT

Close the «lock» in the option «Scan executable files for vulnerabilities when starting them» and apply the policy.

OP Bill Morrow

I think we have a winner. Locked it, waited for NA policy to apply and it’s no longer running on my machine.

I guess it makes sense now. Unlocked means it’s optional so it’s there waiting, locked and unchecked means never run so it’s gone.

iTrick

Well, I’m glad this worked for you Bill, however, that was a solution on the very first post I placed on this thread. Looks like you missed that detail 😛

OP Bill Morrow

Sorry I missed that last part, iTrick. Didn’t realize it was for the NA policy. thought it related to the task screenshot in the link. Feel free to kick me back on track if I stray again.

Here’s the Network Agent Policy screenshot (for others having the issue.)

iTrick

No problem. I probably should have clarified.

Let us know if you have future issues 🙂

Hi all, I also have the same problem. I need to disable Vamp.exe. I did what you said, but the service is still active in Vamp.exe customers Kaspersky. What else I can do?

danimonzn wrote:

Hi all, I also have the same problem. I need to disable Vamp.exe. I did what you said, but the service is still active in Vamp.exe customers Kaspersky.What else I can do?

Hi danimonzn! I see that you are new to Spiceworks, so welcome. Just to let you know for future reference, it is better to create a new post with your questions instead of adding to old posts, because you will probably get more answers. Check out Bill Morrow’s most recent post, and MikeJT’s most recent post. They both explain what you need to do. In your screenshot, it looks like you didn’t close the lock next to the checkbox at the bottom of the screen. Try to close that lock and then re-apply the policy. If that doesn’t work, let us know!