Windows Defender MpCmdRun.exe Custom Scan Automation Job Failing intermittently in Production Environment using TeamCity Tool
Hello Microsoft Community, We are currently facing an issue with our TeamCity build automation, specifically related to the custom virus scan using the MpCmdRun.exe command-line utility. Our setup involves executing the command: MpCmdRun.exe -Scan -ScanType 3 -File "\abc\123\v\master.129-V" -DisableRemediation This automation runs on a Windows Server 2019 Standard OS (version 1809, OS build 17763.5329), and the MpCmdRun.exe is executed from the default location (C:\Program Files\Windows Defender). During the Proof of Concept (POC) phase, we did not encounter any issues. However, when we enabled the same automation in the production environment, we are experiencing intermittent failures with the following message in the TeamCity build log: CmdTool: Failed with hr = 0x80508023. Check C:\BuildAgent\temp\buildTmp\MpCmdRun.log for more information What's peculiar is that if the job runs on the agent "Windows1" and fails, re-running the job on the same agent within a short timeframe often results in a successful virus scan. This issue is not reproducible in our test environment. We have observed the following:
- The C:\BuildAgent\temp\buildTmp\MpCmdRun.log file does not provide much information on the failure.
- No relevant event logs are generated for Windows Defender in the Event Viewer.
We are seeking assistance on the following:
- How can we determine the root cause of the intermittent failure and resolve it?
- Why are event logs not being generated for Windows Defender in the Event Viewer during these failures?
Any insights or guidance would be greatly appreciated. Thank you. Regards, Vamsi Krishna