This behavior has been seen when Microsoft Forefront Client Security is installed in the Parent partition when Hyper-V exclusions are not present.
NOTE: This behavior may also occur with other Anti-Virus solutions. Due to the different scanning mechanisms between vendors, we recommend that you consult with your Anti Virus vendor for proper configuration.
For more information, please reference the following Microsoft Knowledge Base Article:
961804 Error code when you create or start a virtual machine on a Windows Server 2008-based computer that has Hyper-V or on a Microsoft Hyper-V Server 2008-based computer: 0x800704C8, 0x80070037 or 0x800703E3
To resolve this issue, please set the following exclusions in Microsoft Forefront Client Security. For Windows Failover Clusters, ensure that these exclusions are set on all Nodes participating in the Cluster.
- Default virtual machine configuration directory (C:\ProgramData\Microsoft\Windows\Hyper-V)
- Custom virtual machine configuration directories
- Default virtual hard disk drive directory (C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks)
- Custom virtual hard disk drive directories
- Snapshot directories
- When hosting virtual machines on Cluster Shared Volumes ( CSV ) on Windows Server 2008 R2, exclude the C:\ClusterStorage folder and all of its subdirectories
NOTE: Process exclusions cannot be defined via policy. These must be defined in the Forefront UI on the local machine.
- All VHD, VHDX, AVHD, VSV and ISO files
Once the proper exclusions have been configured, the following additional steps need to be taken:
- Shutdown all running virtual machines. Alternatively, you can also save the state of your virtual machines with the exception of virtual machines running SQL, Exchange, or virtual machines hosting the Active Directory Services role.
From an elevated command prompt, stop the Hyper-V Virtual Machine Management Service.
net stop vmms
From the same elevated command prompt, configure the Hyper-V Virtual Machine Management Service to be dependent upon the Forefront Client Security AntiMalware Service.
sc config vmms depend= RPCSS/WINMGMT/FCSAM
From the same elevated command prompt, start the Hyper-V Virtual Machine Management Service.
net start vmms
Turn on your virtual machines.