Antivirus and Hyper-V (or: Why can’t I start my virtual machine?)

A little while ago our support team put together this KB article in response to a problem that a lot of people have been reporting.  Basically, what is happening is that users are having problems starting virtual machines after they install antivirus software in the management operating system.  The root cause of the problem is that a number of these programs monitor file access in a way that interferes with Hyper-V’s attempts to open virtual machine files.  If you see this problem – you have two options:

  1. Don’t install antivirus.  Now – before you choke on your coffee or grab your pitchforks – listen to me for a moment.  If you are running a server core configuration, or a full server configuration, and you have nothing running in the management operating system other than Hyper-V, and you do not have people logging in and browsing the web in the management partition, etc., then you do not really need to have antivirus software installed, as there is limited risk of a virus.

  2. Install antivirus and set up the following exclusions (most antivirus programs allow you to exclude specific directories, files and processes from scanning to help deal with issues such as these):

  • Default virtual machine configuration directory (Normally this is C:\ProgramData\Microsoft\Windows\Hyper-V)
  • Custom virtual machine configuration directories
  • Default virtual hard disk directory (Normally this is C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks)
  • Custom virtual hard disk directories
  • Snapshot directories
  • Vmms.exe
  • Vmwp.exe

Then everything should be just fine.
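
As an added example (not from the original post or the KB article), the PowerShell script below collects the directories and processes listed above from the host's actual Hyper-V settings and reports which ones are missing from the antivirus exclusions. It assumes the Hyper-V PowerShell module and Microsoft Defender's Get-MpPreference/Add-MpPreference cmdlets are available; the -Apply switch is this example's own, and other antivirus products need their own configuration tools.

```powershell
# Added example: derive Hyper-V antivirus exclusions from the host's real settings.
# Assumptions: Hyper-V PowerShell module and Microsoft Defender cmdlets are installed.
param([switch]$Apply)   # without -Apply the script only reports what it would add

Import-Module Hyper-V

# Default configuration and virtual hard disk directories for this host
$vmHost = Get-VMHost
$candidates = @($vmHost.VirtualMachinePath, $vmHost.VirtualHardDiskPath)

# Custom per-VM configuration, snapshot and virtual hard disk directories
foreach ($vm in Get-VM) {
    $candidates += $vm.ConfigurationLocation, $vm.SnapshotFileLocation
    foreach ($disk in Get-VMHardDiskDrive -VM $vm) {
        # Pass-through disks have no file path with a parent directory; they
        # produce an empty string here and are filtered out below.
        if ($disk.Path) { $candidates += Split-Path -Parent $disk.Path }
    }
}

# Keep only directories that exist, de-duplicated (case-insensitive)
$paths = $candidates |
    Where-Object { $_ -and (Test-Path -LiteralPath $_ -PathType Container) } |
    Sort-Object -Unique

# The two Hyper-V processes from the list, by full path so that a file with
# the same name in another location is still scanned
$processes = 'vmms.exe', 'vmwp.exe' |
    ForEach-Object { Join-Path $env:SystemRoot "System32\$_" }

# Compare against what is already excluded so reruns report only the gaps
$current      = Get-MpPreference
$missingPaths = @($paths     | Where-Object { $current.ExclusionPath    -notcontains $_ })
$missingProcs = @($processes | Where-Object { $current.ExclusionProcess -notcontains $_ })

'Path exclusions missing:';    $missingPaths
'Process exclusions missing:'; $missingProcs

if ($Apply) {
    if ($missingPaths.Count) { Add-MpPreference -ExclusionPath    $missingPaths }
    if ($missingProcs.Count) { Add-MpPreference -ExclusionProcess $missingProcs }
}
```

Run it from an elevated prompt in the management operating system; rerunning it after adding or moving virtual machines shows any directories that are not yet covered.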

Cheers,
Ben

Comments

  • Anonymous
    March 18, 2009
    Hello Ben, yesterday evening we had a big problem with one of our Hyper-V guests as described in our blog. Did you have a problem with your virtual guests, or do you only want to warn about a potential problem? We had the situation that we could start the affected guest only without any virtual network cable connected. When we connected the NIC, the guest couldn't start. We migrated all guests from the host to another server; there all servers started without problems. We had some theories, including a problem with the antivirus software. It seems that this was the right theory. Another long night :)

  • Anonymous
    September 20, 2010
    Hi Ben, we had "big problems" with virusscan-software on a HyperV Cluster. We did the required exclusions, but still machines did not start up ... but why? After reading exactly through debug logs, it is clear that, for example, "virusscan enterprise", which has an option (like other products) to scan network drives/shares, blocks some actions while starting a virtual machine, because there will be an "open process" through the network share to the other cluster nodes ... and because of this, the "local" exclusions do not work. So we disabled on HyperV Cluster-Servers "Network-Scanning" and these things, too: *.hive *.container *.blf Maybe this helps someone. Regards Daniel Capilla

  • Anonymous
    November 30, 2010

    1. You actually paid for this "Antivirus live platinum" thinking you are getting a cheap antivirus (sorry if this is what happened; more than that, chances of getting a refund are minimal - after all it is a scam).

  • Anonymous
    November 24, 2011
    Thanks, very helpful post :-), but could you tell me, do I need to install antivirus on the guest VM or not? Thanks in advance

  • Anonymous
    January 28, 2013
    Thanks for this post, I didn't even think of this when the snapshot merges kept failing.  Disabled AV and everything worked!