Hi,
i'm in a big trouble with Hyper-V on a Windows 2008 R2 server. Hardware is a HP Proliant DL360 G7. Role are DC, Hyper-V (yes, i know it's not recommended), AV client is Kaspersky Endpoint Security 10.2, and everything was working fine for more than a year. Here is the full story, with the first part of problem i resolved.
First part:
I had problems with HP NIC (nc382i) when trying to update drivers to last version, and with HP Network Config Utility. I updated NIC drivers, then reboot, and i had the BSOD on boot, even in safe mode. So i had a look to minidump with debbugger, to find reasons, and it seems the ksecdd.sys driver was the culprit (cryptographic kernel driver), but didn't get why, unless Kasperksy had to to something with it...anyway, i was able to boot by using the last good know configuration, and then I removed the virtual switch on Hyper-V, dissolve HP network team (4 NICS), update drivers, then HP NCU, then tried to add a new Hyper-V virtual switch, all of these of course with VM stopped, and with autostart disabled on host reboot. I had BSOD only in normal mode, no more on safe mode, so i used again last good known configuration, removed Kaspersky Endpoint Security, HP team, and virtual swith, used all drivers which were old working versions, made again HP team, virtual switch, and everything went fine, at last! Boot with no errors, network was up and usable, all services were fine. Maybe it isn't important, but the only thing i realised is that network takes long to be up on reboot...
Now, second part with actual problems: i tried to start VM in Hyper-V...and i had the famous errors:
Microsoft Emulated IDE Controller (Instance ID {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}): Failed to Power on with Error 'The service cannot be started, either because it is disabled
or because it has no enabled devices associated with it.' (0x80070422).
And events ID 12140, 12010 and 12030
No matter what VM i tried to boot, it won't. Even if i try to create a new one, same issue.
I had a look everywhere to find solutions, so i tried with no luck :
- Change registry key to let correct a timing issue with FSDepends.sys and withVHDMP.sys ("Start" REG_DWORD at "0" instead of "3" in "HKLM\SYSTEM\CurrentControlSet\Services\FsDepends") then reboot
- Verify all access to registry, files, etc. with procmon utility to find a security problem
- Uninstall ARCServer BrightStor Backup, clean in safe mode any trace of Kaspersky withkavremover utility
- Reverse to old HP BIOS which i know is working on others servers with same configuration
- Verify again access to file and registry while trying to boot VM with procmon utility
- Removed Hyper-v role, then after reboot, install all same HP drivers for NICs, HP NCU, which are working on others servers, then reinstall Hyper-V role, create new VM...
- Verified many times files integrity with sfc (online and offline...)
Finally, i was able to boot a VM, only if i remove attached VHD, and i use only a DVD on IDE Controller, for booting for example on a Windows Server ISO. If i use an SCSI Controller, even without a VHD attached to it, i have other error:
Microsoft Synthetic SCSI Controller (Instance ID {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}): Failed to Power on with Error 'Insufficient Memory' (0x8007000E).
So i think the problem is with kernel driver, vhdmp.sys, or something likevdvroot.sys, but i don't know how to correct this, and i'm in a dead end...is someone know for example what means the0x80070422 error ? How can i verify kernel driver integrity?...
Any suggestion will be greatly apreciated, thanks!