N-central Help

KBA91001: Troubleshooting AV Defender module modification

Every 30 minutes, the SolarWinds N-central agent performs a tamper-proofing routine. This ensures the settings that are configured in SolarWinds N-central match what is on the device.

If the tamper-proofing routine discovers that a module of AV Defender is missing, the agent initiates an installation action to replace the missing module. Once complete, the computer will be re-started the next time that it is permitted to do so in the Maintenance Window. If the module is still missing, the agent initiates the installation again.

After the third re-start due to this operation, SolarWinds N-central stops all further re-start attempts and writes an error message in the Symptom section of the AV Defender Status Service.

The following error message appears for the AV Defender Status service:

"The maximum number of attempts to modify modules has been reached. Modification has been attempted <x> times."

In most instances, this problem is caused by a corrupt installation. Reinstall Security Manager to correct the issue.

  1. Click ViewsAll Devices and click the name of the device.
  2. Click SettingsSecurity Manager and click Enable Security Manager check box to uninstall Security Manager.
  3. Click Save.
  4. Allow sufficient time for SolarWinds N-central to complete uninstalling AV Defender; it can take up to 30 minutes.
  5. Re-start the device.
  6. Repeat step one to install Security Manager.

The procedure described above will perform a complete removal and re-installation of the AV Defender software. This will also clear the re-start attempt counter and allow the tamper-proofing routine to continue.

If the missing module is not reinstalled, the tamper-proofing routine attempts the removal and re-installation of the AV Defender module again. You can verify that the AV Defender modules are properly installed by reviewing the Installed Module scan detail of the AV Defender Status service.