I'm using w2kpro with sp4 through cable connection. A couple weeks after installing w2kpro I started getting the lsass shutdown problem, and installed Zone alarm to stop that. Yesterday I got fed up with the massive slowdowns, cpu use near 100% much of the time, and replaced it with Sygate, which various posts on the net claimed did not have this problem. Yesterday it ran fine.
Today when I booted up I found an even worse cpu usage, at 100% more than half the time, and the culprit was the sygate client. When I shut down the firewall the usage went to 0-1% and stayed there.
SO I looked around, found Outpost, installed that, and it would not let me do anything on the net. Fiddled with it for a while, tossed it, reinstalled Sygate, and now that is fine again. No telling whether a reboot will give the same problems as this morning, but for now it is ok.
Is this a common problem with Sygate? With all of them?
The problem this morning showed on the logs that svchost was constantly trying to connect. Since I had seen no reason to allow it I had blocked it, but to see if I could clear up this heavy cpu problem I unblocked it, and the problem continued. I rebooted and it continued, trying to connect to a wide variety of IP, apparenly not succeeding. The svchost file is apparently good, AVAST! AdAware, and SpybotSD all pass it without a problem. At this point it is not trying to connect, though it did try many times on this reboot before settling down.
What must I allow through for w2k to function? What can I block?
Programs I notice trying to get through which I don't know if they have any business communicating are:
svchost, ntoskrnl, inetinfo, winlogon
This is a single-user machine, only I use it, without a domain or network, no need to logon to anything else, so I don't see any need to let any of these get through. Am I wrong?
Thanks.