Yesterday evening we had a patch maintenance window in which I patched a group of 50 servers. This example is based on one randomly selected system out of the 50 servers:
Machine: S1150, Patch Count: 12, Patch Progress: Executed 12 of 12, Status: (green) Finished, Started: 20:38, Finished: 21:49
Machine: S1150, Patch Count: 2, Patch Progress: Executed 2 of 2, Status: (green) Finished, Started: 22:26, Finished: 22:53
Machine: S1150, Patch Count: 1, Patch Progress: Executed 1 of 1, Status: (green) Finished, Started: 23:01, Finished: 23:10
Machine: S1150, Patch Count: 1, Patch Progress: Executed 1 of 1, Status: (green) Finished, Started: 23:20, Finished: 23:29
After the 4th scan and patch round, no additional patches were found.
Today, less than 12 hours after the last patch round of last night, a new scan shows that 7 patches are missing!!
I logged in to the server S1150 and ran "Check for Updates" directly; the Windows Update tool says (green) Your system is up to date.
The update history shows 11 (!!) patches installed yesterday:
Security Update for Windows (KB3034196)
Security Update for Windows (KB3029944)
Security Update for Windows (KB3031432)
Security Update for Windows (KB3004361)
Security Update for Windows (KB3000438)
Security Update for Windows (KB3023562)
Security Update for Windows (KB3013455)
Security Update for Windows (KB3021952)
Security Update for Windows (KB3003475)
Update for Windows (KB3020338)
Update for Windows (KB3004394)
Shavlik installed 12 patches, rebooted the system, rescanned the system and reported it as (green) Finished. Why does Shavlik detect another 2 patches half an hour later, then 1 patch 10 minutes later, followed by a last one another 10 minutes later?
The same happened with almost every one of the 50 servers I had to patch yesterday. I don't know why Shavlik repeatedly reported (green) Finished (everything is fine), which was not correct, as each rescan found more patches to install. In the end Shavlik installed 16 patches, while the server itself is reporting only 11 of them.
...and patch deployment with Shavlik often takes way, way more time than doing it manually. Deploying 12 patches on one of our standard Windows 2008 Servers took more than 3 hours with Shavlik, while manually installing the same 12 patches on a similar Windows 2008 Server was done in less than 30 minutes.
As I still don't think that Shavlik is that bad, I guess I'm doing something wrong, but unfortunately I have no clue what.