Users of Kaspersky Anti-virus have reported the presence of a process named vssbridge64.exe as part of their package. The AO Kaspersky Lab said that the process is a part of the Anti-virus. It is known as the Kaspersky Volume Shadow Copy Service Bridge and in this article, we will explain what it is while also discussing what its use is and why it is present on your PC.
Before we begin, let me give you a brief overview of the major topics covered in this article. Here, we will talk about:
- What is the vssbridge64.exe service? Is it a part of the Kaspersky Anti-virus package?
- What is the Volume Shadow Copy service?
- What is the 32-bit process avp.exe?
- Is vssbridge64.exe malware?
What is the vssbridge64.exe or Kaspersky Volume Shadow Copy Service Bridge
The Kaspersky Volume Shadow Copy Service Bridge (vssbridge64.exe), as the name suggests is a service that acts as a bridge between the 32-bit avp.exe process and your OS’s 64-bit Volume Shadow Copy service, facilitating the interaction between them.
The technical jargon above may have been a little difficult for some of you to understand but it can help to know what the Windows Volume Shadow Copy service is, so as to help you understand better.
What is the Volume Shadow Copy service?
Observed in Windows as VSSVC.exe, the Volume Shadow copy service helps you to mirror your hard drive and store it to be used in an event where your memory is compromised. The service takes the image of at least your system drive. This helps us restore our system with ease since there is a backup of most application configurations and that can directly be booted into the system, saving a lot of time and effort. You can read more about what VSS is and what purpose it serves in Windows here.
The ‘avp’ executable file, on the other hand, is a part of the Kaspersky Anti-virus i.e., it comes with the software. The file offers security services against viruses, trojans, etc. along with an optional personal firewall.
Let us have a look at the possible paths where you might find the vssbridge64.exe file on your Windows PC.
Kaspersky Volume Shadow Copy Service Bridge paths on Windows
- c:\program files (x86)\kaspersky lab\kaspersky internet security 16.0.0\x64\
- c:\program files (x86)\kaspersky lab\kaspersky anti-virus 17.0.0\x64\
- c:\program files (x86)\kaspersky lab\kaspersky internet security 18.0.0\x64\
- c:\program files (x86)\kaspersky lab\kaspersky internet security 20.0\x64\
Users should note that the paths mentioned above are the common paths, but it is not an exhaustive list since the installation path of software can always be changed.
A major concern that most people have with executable files is that they may steal malware. Files can be renamed as anything, so malware can be packaged and shipped to your system being named vssbridge64.exe, which is a process file for the Windows-powered Kaspersky Anti-Virus tool. However, there haven’t been any reports of there being malware in this particular file just yet.
There is an easy way to check if your vssbridge64.exe is a safe executable file or not. Simply locate the .exe file and open its properties. In the Properties dialog box, select the Digital Signatures tab and check if it is signed by AO Kaspersky Lab. If it isn’t, which is rarely the case, it is possible that your file contains malware. If you feel unsafe, you can uninstall it too.
We hope that this post sufficiently clears all your doubts about what the Kaspersky Volume Shadow Copy Service is.
