First off, my apologies for the very long post. Trying to include as much detail as possible. I’m having issues with a small network at a municipality.
Hardware consists of
All devices have (had) static IP addresses and DHCP on the router was disabled.
THE ISSUE
Last week I got a call from a user who was having problems with a couple of specialized apps which run on the SERVER. She told me that it started after a Dell System Agent upgrade occurred on STATION-3. She also complained that the computer was running slow.
Whenever she tried to launch either app, she received a prompt to enter her credentials for the server. Once she did that the app would launch but would afterwards pop up errors when she attempted to use the app. My first thought was that the targets for the apps’ shortcuts somehow got changed but that wasn’t the case.
The more I dug into it the stranger things became.
Upon arrival, I logged into her user account. Windows File Explorer crashes when launched and no other computers besides STATION-3 appear under Network. Also, the antivirus had been disabled. We’re using Panda Adaptive Defense 360.
Additionally, I had Internet connectivity.
I logged out of her account and in on my account. Explorer worked fine but still no other machines, including the SERVER, showed up under Network. Only STATION-3.
Digging deeper, I tried pinging the other machines. All attempts were unsuccessful. Then I found that the IPv4 settings had been changed to DHCP.
Further investigation revealed that not only had all the other computers’ settings changed but even the router, which I’d originally set to 192.168.1.1, was also changed back to the factory default 192.168.0.1. WTF?
I logged back into her account on STATION-3 and ran an ESET online scan. It found nothing. I’ve run ESET scans on her new account and on mine. All clear. Ran the scan on STATION-4 & -5 with the same result. BTW, the installed AV is fine on STATION-4 & -5.
Because the AV is also missing on the SERVER, I’m currently running the ESET scan on it, as well. By "missing" I mean that when I try to launch Panda from the Start menu or the Taskbar, an update download tries to run but generates a download error. So I cannot initiate a scan on the SERVER.
The SERVER also only shows STATION-3 under Network. I can, however, Ping all the other three PCs from SERVER and from STATION-3, -4, -5.
Thinking the user account on STATION-3 was corrupt, I created a new account both on STATION-3 and SERVER. I then copied all her data hoping she could at least get some work done while I figured out the rest of the SNAFU.
Unfortunately, on the new account, I am unable to map network drives unless I enter the complete path because no other networked machines show up in Explorer. Even if I manually enter the complete path, I get an error that the "resource is no longer available".
Also, I created new shortcuts for the two specialty apps but receive the same errors as originally reported. Could the fact that I have not yet deleted her original account from STATION-3 or SERVER be causing a problem?
What I’ve done in the interim:
Thanks for any help y'all can share!
Hardware consists of
1 Windows Server 2016 Essentials (Dell T130)
3 Windows 10 Pro x64 PCs (OptiPlex 3040)
3 shared printers
1 Networked copy machine
TP-LINK AC1200 WiFi router
DLink 16 port unmanaged switch
SERVER
STATION-3 — Computer I was originally called about
STATION-4
STATION-5
All devices have (had) static IP addresses and DHCP on the router was disabled.
THE ISSUE
Last week I got a call from a user who was having problems with a couple of specialized apps which run on the SERVER. She told me that it started after a Dell System Agent upgrade occurred on STATION-3. She also complained that the computer was running slow.
Whenever she tried to launch either app, she received a prompt to enter her credentials for the server. Once she did that the app would launch but would afterwards pop up errors when she attempted to use the app. My first thought was that the targets for the apps’ shortcuts somehow got changed but that wasn’t the case.
The more I dug into it the stranger things became.
Upon arrival, I logged into her user account. Windows File Explorer crashes when launched and no other computers besides STATION-3 appear under Network. Also, the antivirus had been disabled. We’re using Panda Adaptive Defense 360.
Additionally, I had Internet connectivity.
I logged out of her account and in on my account. Explorer worked fine but still no other machines, including the SERVER, showed up under Network. Only STATION-3.
Digging deeper, I tried pinging the other machines. All attempts were unsuccessful. Then I found that the IPv4 settings had been changed to DHCP.
Further investigation revealed that not only had all the other computers’ settings changed but even the router, which I’d originally set to 192.168.1.1, was also changed back to the factory default 192.168.0.1. WTF?
I logged back into her account on STATION-3 and ran an ESET online scan. It found nothing. I’ve run ESET scans on her new account and on mine. All clear. Ran the scan on STATION-4 & -5 with the same result. BTW, the installed AV is fine on STATION-4 & -5.
Because the AV is also missing on the SERVER, I’m currently running the ESET scan on it, as well. By "missing" I mean that when I try to launch Panda from the Start menu or the Taskbar, an update download tries to run but generates a download error. So I cannot initiate a scan on the SERVER.
The SERVER also only shows STATION-3 under Network. I can, however, Ping all the other three PCs from SERVER and from STATION-3, -4, -5.
Thinking the user account on STATION-3 was corrupt, I created a new account both on STATION-3 and SERVER. I then copied all her data hoping she could at least get some work done while I figured out the rest of the SNAFU.
Unfortunately, on the new account, I am unable to map network drives unless I enter the complete path because no other networked machines show up in Explorer. Even if I manually enter the complete path, I get an error that the "resource is no longer available".
Also, I created new shortcuts for the two specialty apps but receive the same errors as originally reported. Could the fact that I have not yet deleted her original account from STATION-3 or SERVER be causing a problem?
What I’ve done in the interim:
Factory reset on the router and reconfigured it to my original settings
Reconfigured the IPv4 settings on the SERVER and all 3 PCs. They’ve all been restarted.
Verified that STATION-4 and STATION-5 both show all 4 computers under Network
Thanks for any help y'all can share!