Solved

Windows installer window is open at log on to a DC

Posted on 2016-10-28
27
34 Views
Last Modified: 2016-11-01
For the past couple of weeks when I log on to one of our DC's the Windows Installer window is open.
Any idea what would cause this?   How do I stop it?

installer
0
Comment
Question by:jrsitman
  • 13
  • 8
  • 6
27 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41864514
Have you checked to see if there's anything in the Startup folder or in the "Run"  registry key on that server?
0
 

Author Comment

by:jrsitman
ID: 41864546
startup is empty.   Where exactly would I search the registry for the "Run" key?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41864589
HKCU/Software/Microsoft/Windows/CurrentVersion/Run
HKLM/Software/Microsoft/Windows/CurrentVersion/Run
0
 

Author Comment

by:jrsitman
ID: 41864603
see attached

current userlocal machine
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41864815
Download a copy of Microsoft Autoruns.  This shows everything that runs automatically in the system, both at boot time and for the current user.  It also gives some useful information on the side, i.e., the description and the software publisher, so you can better decide whether that particular item should be running.

The Logon tab will be of particular interest since the installer window is showing when the admin logs on.

Microsoft Autoruns
0
 

Author Comment

by:jrsitman
ID: 41864816
thanks I'll work on it tomorrow
0
 

Author Comment

by:jrsitman
ID: 41865881
See attached.  I don't see anything.   I'll keep checking.
auto run
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41865895
OK.  All the stuff that is in yellow does not exist and can be disabled.  Either uncheck it to leave it in the list, or right-click and select "Delete" to remove it from the list.

Try disabling (uncheck it) the Google Chrome Installer, which since you're seeing an installer window seems like a red flag.  Reboot, see if the problem is gone.

If not, re-enable it, then disable each of the three items starting with "GoogleChromeAutoLaunch" one at a time, reboot, and see if the problem goes away.  If not, re-enable that item and move to the next one.

If the "Network Monitoring Tray" is not required, I'd disable that.
0
 

Author Comment

by:jrsitman
ID: 41865897
Does deleting it remove it from the registry?
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41865903
Deleting will remove it from the registry.  Unchecking it does not.
0
 

Author Comment

by:jrsitman
ID: 41866045
I've been unchecking the items 1 at a time and rebooting.   Still pops up.  After the last reboot, I logged on as my assistant and it didn't pop up.   Logged on  as Administrator (my account) and it popped up.  Any thoughts?
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41866059
No idea at this point other than walking through the "Everything" tab, which is a long trek across the desert.  Perhaps another expert will have some insight.
0
 

Author Comment

by:jrsitman
ID: 41866084
thanks I'll wait for additional input
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41867092
Did you try unchecking the Google Chrome Installer item (last section of the Autoruns output)?  It's not one of the ones that is obviously a problem, but it is an installer app and it appears to be an MSI installer that's trying to run when you log in.  Plus it's odd that it would be running every time you log in.
0
 

Author Comment

by:jrsitman
ID: 41867130
Yes, I unchecked it.  I could always try uninstalling Chrome.   Did you see my post that it doesn't happen when my assistant logs in?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41867482
Yes, that points to something that would only run in an administrative context, which of course would include installing a program, likely some install process that was started by someone logged on with the admin credentials.  I'm thinking that an attempted installation has gotten hung up with a registry entry to run on the next restart or login, but it's not allowed to run because it requires a command line with some switches to operate properly.  I would definitely try uninstalling Google Chrome and see what happens.  You can always reinstall it if you need to.
0
 

Author Comment

by:jrsitman
ID: 41867789
I compared my everything list from Autorun to my assistant.   I have 18 items he doesn't have.   However, he has several I don't have.
I guess I could uncheck mine in groups of 5 and see what happens.   Your thoughts
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41867887
It is a long shot, but you might try this:  Download a copy of Microsoft Process Explorer.

When the install window pops up, run Process Explorer and look at the process tree to see what process started the installer.  Perhaps this will suggest something.

Process Explorer
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41868505
Does your assistant have a Chrome icon on his/her desktop, task bar or quick launch? Do you?
0
 

Author Comment

by:jrsitman
ID: 41868548
he doesn't and I uninstalled Chrome yesterday.  Still getting the installer window when I log in.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41868575
Hmmm - did you check the registry to see if that ActiveSetup key and/or the autolaunch registry key were still there?
0
 
LVL 23

Expert Comment

by:Dr. Klahn
ID: 41868579
Is Autoruns disabled on this system?

If not, are there storage devices attached (including hard drives and USB flash drives) with autorun configuration files?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 41868590
Also, have you run MSConfig to see what's in the Startup section now?
0
 

Author Comment

by:jrsitman
ID: 41868631
OMG.   All this time we been looking everywhere except the obvious.  It was in the Msconfig startup.

Thanks to all for helping
0
 

Author Closing Comment

by:jrsitman
ID: 41868635
Thanks
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 41868665
LOL - I usually try to do those obvious ones early on, but made the mistake (as we all do occasionally) of assuming we'd already covered that!  Glad we finally got it fixed for you.
0
 

Author Comment

by:jrsitman
ID: 41868677
Yep, been there done that.  Thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now