After Win10 Creators update, VMs do not start in Workstation or Player.

Jump to solution

After the Creators Update, I cannot run the suspended player sessions.

Attempting to open a VM eventually generates this error:

Could not get snapshot information: Insufficient permission to access the file.

Module 'Snapshot' power on failed.

Failed to start the virtual machine.

The problem appears to be the vmx.lck and vmsd.lck folders, which I cannot access or delete, even running "as administrator"

edit: the problem is not the .lck folders, they are simply left over with some content open after the error above.

Any help diagnosing this issue would be much appreciated.

24 Replies

Response about this issue from Webroot 10/31:


We have identified the problem and have a resolution currently being tested by our QA department. It will be scheduled for release soon.

For now you can leave this option off for now.


Brendan G

The Webroot Escalation Team

0 Kudos

I also had an open ticket with Webroot. I got a workaround from them and also they will fixing this problem in the December release, supposedly.

Thank you for reaching out and reporting the file operations issue observed after the recent Windows 10 Fall Creators Update release.

After updating to Windows 10 Fall Creators, users may get notified that access to files and or folders was denied. Typically, this will happen when creating, updating, moving, or deleting existing files and folders.  

We understand the inconvenience this can cause and want to inform you that we’ve identified the root cause and have created a patched version of WSA that is currently undergoing QA testing. Once all testing is complete, the patched version of WSA will be made available to you for manual and automated installations using the Webroot console.

The next version of WSA, due around December this year, will have the fix included and customers will receive it then as part of the normal deployment processes.

Below are workarounds to disable the "Real Time Shield > Scan Files When Written or Modified" policy setting. There are 2 methods and which one you use will depend upon how an endpoint is managed.

Workaround 1 – If you run agents with other policies, perform the following steps:

  1. Sign into the Webroot SecureAnywhere portal by visiting
  2. Navigate to the "Policies" tab and select the policy used by your agents.
  3. Click the "Realtime Shield" option on the left.
  4. Set the draft changes for "Scan files when written or modified" to Off.
  5. Click the "Save Changes" button and then the "Promote Draft Changes to Live" button.
  6. Once the agents check in, they should receive this new policy and apply it correctly.

Workaround 2 – If you run agents with an unmanaged policy, perform the following on each device:

  1. Open the Webroot SecureAnywhere agent by double clicking the "System Tray" icon in the lower right of your screen or by using the desktop icon.
  2. Click the "Advanced Settings" button at the upper right of the window that appears.
  3. Click the "Shields" button on the left side of the options window.
  4. Remove the check mark next to “Check files for threats when written or modified.”
  5. Click the "Save" button at the bottom of the options window and enter the code when prompted.

In both cases, note that the application or process that reported the error will need to be completely restarted. The simplest way to achieve this is by rebooting the computer.

Please be aware that this is only a temporary workaround, reverting this workaround once the Webroot Hotfix gets applied would be the best course of action. To be notified of new product releases we recommend subscribing to our dedicated forum for release announcements. This forum is available here:

To subscribe to the forum to get alerts automatically sent to you when they are published:

  1. Visit the forum linked above.
  2. Click on the "Options" drop down and select "Subscribe."

To manage existing subscriptions, click your Username, then select "My subscriptions." Existing subscriptions can be viewed and modified from there.

Kind Regards,

Nigel | Webroot Business Support

0 Kudos

Got a new response from Webroot. There is a new update that apparently fixes this issue.

Thank you for contacting Webroot Support.

To be compatible with the release of the Windows 10 Fall Creator update build 1709, we have made available our SecureAnywhere endpoint version If you are considering updating to the Windows 10 Fall Creator update build 1709, we strongly recommend updating your SecureAnywhere endpoint version to our release. This will ensure that when you update your system, your security will be compatible with the upgrade.

To install this latest version of Webroot, you can either update your current version of Webroot endpoint or you can uninstall and reinstall using our latest endpoint download available via the Webroot Admin Console > "Resources" tab.

To force an update to the latest version, please use the "Agent Commands" option from within the Webroot admin console. From the "Sites" tab of the console, click to manage the specific site in question > Endpoint Protection > Group Management > Agent Commands > Advanced > Download and Execute a File.

You can also use the URL above to download the installer locally on the endpoint via a browser, and run manually.

NOTE: If you have already updated to the Fall Creator update and were previously utilizing the workaround (of disabling “Scan files when written or modified,” under the real time Shield in the Policy applied to the endpoint/s), after updating the endpoints to version, please re-enable this setting of "Scan files when written or modified" within the policy.

If you have any further questions or concerns, please respond to this message and we will be happy to assist.


Nigel | Webroot Business Support

0 Kudos

I have notice yesterday that i was able to start VM without closing webroot. so the update has been pushed or being applied.


Agreed!  Thanks for the update.  I was having the issue with Webroot SecureAnywhere version:  Per the instructions on this thread, I had to disable Check files for threats when written or modified under Advanced Settings > Shields.

Now, I have Webroot SecureAnywhere version: and VMware launches without issue with option enabled.

All good.

0 Kudos