bizarre issue: windows 7 regularly re-downloading installation file

bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
Our department did a mass installation of a new piece of software last week to about 50 systems. Installation was done by putting the setup file on a fileserver, then remote desktop'ing to each client and installing over the network -- there was no msi file, and no option for a silent install.

Monday the software started being used, and a lot of latency/disconnects were reported. Network traffic was pretty low except for the occasional large spike on the system I monitored. After a couple days back-and-forth I decided to setup an RSPAN session and watch wireshark, and I'm seeing the weirdest thing.

Every 10-11 minutes, every machine that this was done on reaches back and downloads the 80MB setup.exe via SMB2. The weird thing is, those that had prior versions installed on it (for demo, testing, etc) are attempting to get the setup file from those versions as well!

I'd originally thought this was something with the program -- then with perhaps the program's installer script not cleaning itself afterwards, but by chance one of the captures showed a system trying to retrieve the setup file for a completely different program! I'm starting to think this is either windows itself (unlikely) or some other completely unrelated software (also seems unlikely)

For all I know this has actually been going on for a while, but due to either the install files being relatively small and/or removed, its presence has been small enough to be beneath notice.

Has anyone seen ANYTHING remotely like this, or have any suggestions on tracking this down further?
Latest Completed: CISSP

Current goal: Dunno

Comments

  • MCITBoundMCITBound Member Posts: 65 ■■□□□□□□□□
    Is the other program related to the deploying program? My first thought would be some support files that the original program is designed to look for in that location. I know Autodesk has some crazy file retrievals going on. It'll even look for files that either don't exist or files on a path not even remotely close to even be a legit path for Autodesk.
    If I gave good advice or was insightful, please add to my reputation!! If you have a LinkedIn account and want a new connection, feel free to add me! If you have any questions, ask! :cool:
  • bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
    No, the 2 programs are completely unrelated (as far as I know).

    We just tested on a system that 1) had program 2 but not program 1 installed on it, and 2) had program 2 installed over the network, and program 2 is regularly downloading its install file too.

    This was probably just never noticed as program 2's install file is only 1.5MB, so it doesn't even register as a blip - I just happened to run a capture on a computer that had both installed and happened to see both request their installer.

    For the moment we've just renamed/moved the installer files, but personally I don't consider this a fix or even a workaround (at least not yet).
    Latest Completed: CISSP

    Current goal: Dunno
  • About7NarwhalAbout7Narwhal Member Posts: 761
    Are offline files enabled for these computers?
    Do the user settings or application configurations get reset after the download? (or do the users have disconnection problems after the download?)
    Is the time they download the same or predictable?
    Does this issue occur from a local install? (non-rdp/installer on client)
    Can you recreate the issue with another application? (aside from program 1 and program 2)
    Is the server an SMS server or do you have an SMS server on site? (or are the clients running Capinst.exe)

    **EDIT**

    Also, just out of curiosity, what happens if you rename another installer to match program1 or program2? It would be interesting to see if the application installs.
Sign In or Register to comment.