IPNAT.SYS running after reboot, stopping connection to server

Came in this morning to find our server had rebooted and websites were down. Server was online and able to connect via Logmein. (Windows server 2003 R2 Standard Edition SP2)

The actual symptom was that the server did not seem to accept any incoming network traffic. eg. websites, FTP, SQL, ping from within the same network (external ping blocked by firewall) browse via network etc all no response.

After investigation we found that IPNAT.sys was running and that the command NET STOP IPNAT resolved the issue and everything came back.

The services are configured as follows: Windows firewall / ICS (NOT running) (Automatic) Routing and Remote access (NOT running) (Disabled)

Security configuration Wizard is not installed under windows components.

When you try to start Windows firewall you get a message saying that it cannot start because IPNAT.sys is already running.

After rebooting the server the same issue comes back and can be resolved as above.

I dont nessecarily want WF / ICS running anyway so could disable this however that fact that this cannot start seems more like a symptom not the cause. (unless it is partially starting and failing during start up but I can see anything in the event logs)

The question is what could be starting IPNAT.sys and can it be disabled.

Any ideas would be appreciated, thanks.