Hi Greg. I have Windows firewall disabled by default, I only enabled it for a day to see if there was any useful diagnostics in the logs. This was how I knew the messages were reaching PC2.
I did run for 3 or days with ZoneAlarm (anti-virus & firewall) installed completely, but again it made no difference. So I since put it back on.
I have 2 desktops (Computer1 & Computer2) and 2 laptops (Computer3 & Computer4).
The desktops are both running Vista.
One laptop is Vista and the last is XP.
The 2 desktops have 2 disk drives each.
The 2 desktops are connected via Ethernet cables and the laptops wireless.
I mapped all the network drives so that every PC (desktop and laptop) can see every other drive (as long as the PC is switched on obviously). They share the same workgroup (WORKGROUP), etc.
This has worked fine for years.
But now one desktop (Computer2) cannot be accessed from any of the other 3 PCs. It is blocking all access from the other 3, including mapping and pings.
Drive mapping to Computer2 fails from all the other 3 PCs.
Ping fails with “Request timed out”.
All the 4 PCs, including Computer2, work fine otherwise and can access the Internet.
The other 3 can see each other’s shares still, and Computer2 can see all the other 3 remote shares ok as before.
I am not aware of any changes to Computer2 that could have caused this. So I thought NIC, firewall, router or Windows settings must be at fault (?) Until I get the pings to work the share permissions, etc are all irrelevant. The laptops are irrelevant now to future investigations.
Network Discovery is running ok and the other computers can see Computer2 is displayed ok in the list. When I try to access Computer2 (from Computer1) in Network Discovery I get “Windows cannot access \\Computer2” with “error code 0x80070035 The network path was not found”.
Windows Network Diagnostics shows “Network diagnostics pinged the remote host but did not receive a response.”
I have put a wireless card in Computer2 and disabled the Ethernet connection. The PC works fine to the other PCs and Internet still, but ping to Computer2 still times out.
All PCs use ZoneAlarm for Firewall and Anti Virus. I removed ZoneAlarm completely from Computer2, but ping to Computer2 still times out.
I have never used Windows firewall so that should not be relevant.
I reset my router back to factory settings, but ping to Computer2 still times out.
I have checked all the Windows settings I can think off comparing Computer1 to Computer2 bearing in mind that Computer1 is working fine, but cannot find a difference.
I have checked all the following services are running via services.msc – TCP/IP Netbios helper, DNS Client, Function Discovery, SSDP Discovery, UPNP Device, System Event Notification, Computer Browser, DHCP Client, Network connections, Network Location awareness, Remote Procedure Call, Server, Workstation.
Network Discovery is ON, Network is Private, File And Printer Sharing is ON, Public Folder Sharing is ON.
I reset the Winsock (netsh winsock reset), but ping to Computer2 still times out.
I have flushed DNS.
nslookup resolves Computer2 ok with it IP address.
tracert and ping both return “Request timed out”.
arp –a confirms Computer2 exists.
net view shows all 4 PCs ok.
I have tried extending the timeout value in ping (ping –w 5000 computer2) to 5 secs but it still times out.
I am not aware that ping uses any particular port so I don’t know which to check is open (netstat –a).
Reboot both PCs into Safe Mode and ran a ping to each other, but ping to Computer2 still times out. The problem must be low down in the system.
Ran sfc /scannow on both PCs “Windows resource Protection did not find any integrity violations” on both.
“netsh int ip reset c:\resetlog.txt” on Computer2 “Reseting Echo Request. Failed. Access is denied.”
Now Network Discovery cannot open Computer1.
Event Viewer does not show anything about pings.
Ping 127.0.0.1 network card,ok
Ping 192.168.1.254 gateway, ok
Ping 192.168.1.72 timed out (Computer2)
HOW CAN A PC BLOCK PINGS EVEN IN SAFE MODE ?
ipconfig /release removes the current IP address
ipconfig /renew polls for a new IP address
Ran KB811259 FixIt for the Winsock, but still times out.
Ran KB299357 FixIt to reset TCP/IP
“netsh firewall set icmpsetting 8 enable” responded with “service not running” error because I use ZoneAlarm and Windows Firewall cannot start.
Ran KB947709 FixIt to try to start Windows Firewall with ZoneAlarm down, no good.
Ping –w 5000 computer2 (5 secs wait time for response) , but still times out.
“netdiag /v /debug” on both PCs and compared logs.
“route print” on both PCs and compared logs.
Removed Netbios over TCPIP from both PCs, but still times out.
Removed PlusNet’s own servers:-
Primary DNS 22.214.171.124
Secondary DNS 126.96.36.199
Ran KB251899 FixIt to fix Windows Security Centre issue. W.S.C. now working.
Removed thousands of blocked sites by running DelDomains.inf, worked ok to clear sites, but still times out.
Removed thousands of blocked sites from windows/system32/drivers/etc/host file.
Need Windows Firewall working to access ICMP settings to see if blocking pings. But Windows Firewall will not load.
Ran BFE-Repair-Vista.zip & Firewall-Repair-Vista.Zip
Reboot, Now Base Filtering Engine is running.
Ran FixIt http://support.microsoft.com/mats/windows_firewall_diagnostic to start Windows Firewall.
Windows Firewall start error: Service-specific error 5 (0x5)
Now Windows Firewall is working, Network Discovery has been switched off.
In Windows Firewall, set to allow ICMP for Domain & Private only. Reboot, now Network Discovery is back.
But still cannot ping from Computer1 to Computer2 ! Ughh!
Windows Firewall And Advanced Settings enables the options in Network And Sharing Centre to be turned off/on for Network Discovery, File Sharing, Public Folder Sharing.
Rebooted Computer2 into Safe Mode. Windows Firewall is automatically enable. In Windows Firewall And Advanced Security set all 3 zones to log errors to /Windows/System32/LogFiles/Firewall/pFirewall.Log
Can see :-
2014-01-24 16:18:36 DROP ICMP 192.168.1.66 192.168.1.72 - - 60 - - - - 8 0 – RECEIVE
https://support.microsoft.com/kb/889527 suggests issue with tcpip.sys
sfc /scannow run again but no problems found.
Compared tcpip.sys with Computer1, but same version, etc.
To start Windows Firewall look in Control Panel
To start Windows Firewall With Advanced Security look in Programs, Administrative Tools
Tracert and ping both use ICMP. ICMP may drop packets if under high load.
When you ping a destination network address, you're sending an ICMP packet with message type 8 (Echo) code 0 (Echo--Request) to that address. The ICMP reply packet has a message type 0 (Echo) code 0 (Echo--Reply).
Problem exists even if Windows Firewall & ZoneAlarm are down. SFC suggests no program issues.
Only leaves settings firewall settings (?)
Check out missing registry keys, etc by downloading Farbar Service Scanner (FSS) :-
Restore any missing registry keys:-
“netsh firewall set icmpsetting 8 enable” ok, but ping still times out.