Jump to content
abowley@kriebelgas

KES 10 vapm.exe and klnagent.exe using 90-100% CPU

Recommended Posts

I rolled out KES10 on several machines because of the KES8 Patch B/C issues, and now these machines are having issues of their own.

 

More specifically, a process caled vapm.exe (which I had never seen before in previous KES releases) runs at between 48% and 50% CPU usage constantly, and at the same time klnagent.exe uses between 33-41% CPU; and the users are experiencing massive slowdowns.

 

These are Core i5 and Core i7 machines running Windows 7 Enterprise x86 so the hardware/OS is not the bottleneck.

 

 

I am also seeing this behaviour on the KSC10 server (Windows Server 2008 R2 x64). CPU is constantly maxed out at 99-100% due to vapm.exe and klnagent.exe.

 

I understand vapm.exe is related to the software vulnerability scan, and I'd really like to know a way to disable that feature completely. I could care less if our uses have an outdated copy of Java, Flash, or Adobe Reader. Seems like a totally pointless feature to me.

 

Please help! KES10 for these users is only slightly better than the horribly unstable KES8 Patch B/C!

Share this post


Link to post

OK I think I figured this out on my own.

 

There was a task (which I did NOT create or start) in the parent Managed Computers group called "Find vulnerabilities and application updates". We don't keep any tasks at the parent level so I never thought to look there.

 

The task was running on all machines in all three of our machine groups (Servers, User Workstations, and MIS Department Workstations) and despite the fact that it has been running ALL MORNING, was only to 60%. I stopped and deleted the task, which brought CPU usage down to normal on all machines but one. On the one machine, I had to manually kill the vapm.exe via Task Manager.

Edited by abowley@kriebelgas

Share this post


Link to post

Thanks, this was killing all computers on my recently updated KSC/KES 10 network too. This task ran for HOURS and crippled my server and all workstations in the process. Even my i5-2500 workstations were severely impacted so it wasn't just older generation computers.

 

Makes me wonder if Kaspersky really tested this task inhouse before release. These recurrent quality control issues are extremely concerning, particularly considering their products install on just about EVERY computer in an organisation.

Edited by peegee68

Share this post


Link to post
Thanks, this was killing all computers on my recently updated KSC/KES 10 network too. This task ran for HOURS and crippled my server and all workstations in the process. Even my i5-2500 workstations were severely impacted so it wasn't just older generation computers.

 

Makes me wonder if Kaspersky really tested this task inhouse before release. These recurrent quality control issues are extremely concerning, particularly considering their products install on just about EVERY computer in an organisation.

 

Mate, Kaspersky does say Finding Vulnerabilities task is resource intensive. So, you have to manage that way. No need to run this task during period of network load etc.

Share this post


Link to post
Mate, Kaspersky does say Finding Vulnerabilities task is resource intensive. So, you have to manage that way. No need to run this task during period of network load etc.

 

 

Okay, no worries mate. So then explain to me why, knowing this, they add this as a scheduled task to run in KSC10? I have deleted it off my server so not sure when it was scheduled for but it certainly seemed to me that if it missed the overnight schedule it would run on next reboot. If this is a CPU killer (and it was for all my machines - and also to your it would seem) then let the admins create this task manually. Seems illogical to have it run "out of the box".

Share this post


Link to post

We've noticed this problem as well related to the vulnerability scan via net agent. In our environments we've only seen extremely high CPU usage from the net agent on Win Server 2008R2 platforms. All of the local clients on Win7 platforms are running fine. Making sure to run the scan only on child objects that are not servers has resolved this issue at least for many of our clients.

 

 

Share this post


Link to post
We've noticed this problem as well related to the vulnerability scan via net agent. In our environments we've only seen extremely high CPU usage from the net agent on Win Server 2008R2 platforms.

Hello. Thank you for information. We try to reproduce.

Share this post


Link to post

And this "Vulnerability Scan" group task isn't showing in my KES 10 client tasks list. Other group tasks are showing ok.

 

Is it possible to implement the option "Suspend scanning when the screensaver is off and the computer is unlocked" in this vulnerability scan task ?

Share this post


Link to post
We've noticed this problem as well related to the vulnerability scan via net agent. In our environments we've only seen extremely high CPU usage from the net agent on Win Server 2008R2 platforms. All of the local clients on Win7 platforms are running fine. Making sure to run the scan only on child objects that are not servers has resolved this issue at least for many of our clients.

I noticed this too (and the vapm.exe) but turning off that task as mentioned above, helped the vapm, but not the network agent. My servers did NOT have the Kaspersky endpoint 10 installed (used to have 8 but I uninstalled) so it had just security center which put on the network agent. After I stopped the VAPM task, and then installed EP10, the CPU utilization went to expected levels for the network agent.

Share this post


Link to post
OK I think I figured this out on my own.

 

There was a task (which I did NOT create or start) in the parent Managed Computers group called "Find vulnerabilities and application updates". We don't keep any tasks at the parent level so I never thought to look there.

 

The task was running on all machines in all three of our machine groups (Servers, User Workstations, and MIS Department Workstations) and despite the fact that it has been running ALL MORNING, was only to 60%. I stopped and deleted the task, which brought CPU usage down to normal on all machines but one. On the one machine, I had to manually kill the vapm.exe via Task Manager.

 

Thnx a lot man

Share this post


Link to post

Hello,

 

I noticed this too (and the vapm.exe) but turning off that task as mentioned above, helped the vapm, but not the network agent. My servers did NOT have the Kaspersky endpoint 10 installed (used to have 8 but I uninstalled) so it had just security center which put on the network agent. After I stopped the VAPM task, and then installed EP10, the CPU utilization went to expected levels for the network agent.

 

In KSC10 the Network Agent Policy (not the Protection Policy) has a parameter to check vulnerabilities on starting applications.

I had to disable this parameter to get back the CPU to normal level.

 

Regards,

Guillaume.

 

 

Share this post


Link to post
I noticed this too (and the vapm.exe) but turning off that task as mentioned above, helped the vapm, but not the network agent. My servers did NOT have the Kaspersky endpoint 10 installed (used to have 8 but I uninstalled) so it had just security center which put on the network agent. After I stopped the VAPM task, and then installed EP10, the CPU utilization went to expected levels for the network agent.

http://support.kaspersky.com/9760

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.