none
TMG 2010 STD - serviço de firewall não sobe RRS feed

  • Discussão Geral

  • Senhores venho brigando com o TMG há alguns dias. Depois de muita briga, resolvi matar o servidor e re-instalei do zero. O problema voltou a acontecer depois de algumas horas que a nova instalação estava no ar.

    O Sistema operacional (W2K8 R2) está atualizado e o TMG está com o SP2 e inclusive a RU 2 e nada mudou. Alguém tem alguma dica?

    Segue dmp:

    Version=1
    EventType=APPCRASH
    EventTime=129947941372917734
    ReportType=2
    Consent=1
    ReportIdentifier=1273f1d9-16ea-11e2-a29d-00155d011e08
    IntegratorReportIdentifier=1273f1d8-16ea-11e2-a29d-00155d011e08
    Response.type=4
    Sig[0].Name=Application Name
    Sig[0].Value=wspsrv.exe
    Sig[1].Name=Application Version
    Sig[1].Value=7.0.9193.540
    Sig[2].Name=Application Timestamp
    Sig[2].Value=4f7b29e5
    Sig[3].Name=Fault Module Name
    Sig[3].Value=ntdll.dll
    Sig[4].Name=Fault Module Version
    Sig[4].Value=6.1.7601.17725
    Sig[5].Name=Fault Module Timestamp
    Sig[5].Value=4ec4aa8e
    Sig[6].Name=Exception Code
    Sig[6].Value=c0000005
    Sig[7].Name=Exception Offset
    Sig[7].Value=0000000000052fc6
    DynamicSig[1].Name=OS Version
    DynamicSig[1].Value=6.1.7601.2.1.0.272.7
    DynamicSig[2].Name=Locale ID
    DynamicSig[2].Value=1046
    DynamicSig[22].Name=Additional Information 1
    DynamicSig[22].Value=2b37
    DynamicSig[23].Name=Additional Information 2
    DynamicSig[23].Value=2b37255b7c798f5cc1afca9527e33f9b
    DynamicSig[24].Name=Additional Information 3
    DynamicSig[24].Value=5a1d
    DynamicSig[25].Name=Additional Information 4
    DynamicSig[25].Value=5a1d22f94f7486cd647ea3019af7fb66
    UI[2]=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe
    UI[3]=Microsoft Firewall Service has stopped working
    UI[4]=Windows can check online for a solution to the problem.
    UI[5]=Check online for a solution (recommended)
    UI[6]=Check for a solution later (recommended)
    UI[7]=Close
    UI[8]=Microsoft Firewall Service stopped working and was closed
    UI[9]=A problem caused the application to stop working correctly. Windows will notify you if a solution is available.
    UI[10]=&Close
    LoadedModule[0]=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe
    LoadedModule[1]=C:\Windows\SYSTEM32\ntdll.dll
    LoadedModule[2]=C:\Windows\system32\kernel32.dll
    LoadedModule[3]=C:\Windows\system32\KERNELBASE.dll
    LoadedModule[4]=C:\Windows\system32\ADVAPI32.dll
    LoadedModule[5]=C:\Windows\system32\msvcrt.dll
    LoadedModule[6]=C:\Windows\SYSTEM32\sechost.dll
    LoadedModule[7]=C:\Windows\system32\RPCRT4.dll
    LoadedModule[8]=C:\Windows\system32\ATL.DLL
    LoadedModule[9]=C:\Windows\system32\USER32.dll
    LoadedModule[10]=C:\Windows\system32\GDI32.dll
    LoadedModule[11]=C:\Windows\system32\LPK.dll
    LoadedModule[12]=C:\Windows\system32\USP10.dll
    LoadedModule[13]=C:\Program Files\Microsoft Forefront Threat Management Gateway\RATLIB.dll
    LoadedModule[14]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPSEC.dll
    LoadedModule[15]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpc.DLL
    LoadedModule[16]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcui.DLL
    LoadedModule[17]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcstg.DLL
    LoadedModule[18]=C:\Windows\system32\ole32.dll
    LoadedModule[19]=C:\Windows\system32\OLEAUT32.dll
    LoadedModule[20]=C:\Windows\system32\ACTIVEDS.dll
    LoadedModule[21]=C:\Windows\system32\adsldpc.dll
    LoadedModule[22]=C:\Windows\system32\WLDAP32.dll
    LoadedModule[23]=C:\Windows\system32\NTDSAPI.dll
    LoadedModule[24]=C:\Windows\system32\WS2_32.dll
    LoadedModule[25]=C:\Windows\system32\NSI.dll
    LoadedModule[26]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPAPI.dll
    LoadedModule[27]=C:\Program Files\Microsoft Forefront Threat Management Gateway\WSPAPI.dll
    LoadedModule[28]=C:\Program Files\Microsoft Forefront Threat Management Gateway\PREAPI.dll
    LoadedModule[29]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MANAGEDAPI.dll
    LoadedModule[30]=C:\Program Files\Microsoft Forefront Threat Management Gateway\W3PAPI.dll
    LoadedModule[31]=C:\Windows\system32\NETAPI32.dll
    LoadedModule[32]=C:\Windows\system32\netutils.dll
    LoadedModule[33]=C:\Windows\system32\srvcli.dll
    LoadedModule[34]=C:\Windows\system32\wkscli.dll
    LoadedModule[35]=C:\Windows\system32\LOGONCLI.DLL
    LoadedModule[36]=C:\Windows\system32\DSROLE.DLL
    LoadedModule[37]=C:\Windows\system32\WSOCK32.dll
    LoadedModule[38]=C:\Windows\system32\urlmon.dll
    LoadedModule[39]=C:\Windows\system32\WININET.dll
    LoadedModule[40]=C:\Windows\system32\SHLWAPI.dll
    LoadedModule[41]=C:\Windows\system32\iertutil.dll
    LoadedModule[42]=C:\Windows\system32\CRYPT32.dll
    LoadedModule[43]=C:\Windows\system32\MSASN1.dll
    LoadedModule[44]=C:\Windows\system32\msi.dll
    LoadedModule[45]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpccom.DLL
    LoadedModule[46]=C:\Windows\system32\IPHLPAPI.DLL
    LoadedModule[47]=C:\Windows\system32\WINNSI.DLL
    LoadedModule[48]=C:\Windows\system32\SAMCLI.DLL
    LoadedModule[49]=C:\Windows\system32\Secur32.dll
    LoadedModule[50]=C:\Windows\system32\SSPICLI.DLL
    LoadedModule[51]=C:\Windows\system32\DNSAPI.dll
    LoadedModule[52]=C:\Windows\system32\WTSAPI32.dll
    LoadedModule[53]=C:\Program Files\Microsoft Forefront Threat Management Gateway\sidahlpr.dll
    LoadedModule[54]=C:\Windows\system32\PSAPI.DLL
    LoadedModule[55]=C:\Windows\system32\VERSION.dll
    LoadedModule[56]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPHLPR.dll
    LoadedModule[57]=C:\Windows\system32\RASAPI32.dll
    LoadedModule[58]=C:\Windows\system32\rasman.dll
    LoadedModule[59]=C:\Windows\system32\AUTHZ.dll
    LoadedModule[60]=C:\Windows\system32\Normaliz.dll
    LoadedModule[61]=C:\Program Files\Microsoft Forefront Threat Management Gateway\RpcFltr.DLL
    LoadedModule[62]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcregexp.dll
    LoadedModule[63]=C:\Windows\system32\MSWSOCK.dll
    LoadedModule[64]=C:\Windows\system32\WINHTTP.dll
    LoadedModule[65]=C:\Windows\system32\webio.dll
    LoadedModule[66]=C:\Windows\system32\IMM32.DLL
    LoadedModule[67]=C:\Windows\system32\MSCTF.dll
    LoadedModule[68]=C:\Windows\system32\DBGHELP.DLL
    LoadedModule[69]=C:\Windows\system32\CRYPTBASE.dll
    LoadedModule[70]=C:\Windows\System32\wshtcpip.dll
    LoadedModule[71]=C:\Windows\System32\wship6.dll
    LoadedModule[72]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSFPC.SYS
    LoadedModule[73]=C:\Windows\system32\dhcpcsvc6.DLL
    LoadedModule[74]=C:\Windows\system32\dhcpcsvc.DLL
    LoadedModule[75]=C:\Windows\system32\CLBCatQ.DLL
    LoadedModule[76]=C:\Program Files\Microsoft Forefront Threat Management Gateway\EmpScan.dll
    LoadedModule[77]=C:\Windows\system32\SHELL32.dll
    LoadedModule[78]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MpUtil.DLL
    LoadedModule[79]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MpHashLib.DLL
    LoadedModule[80]=C:\Windows\system32\credssp.dll
    LoadedModule[81]=C:\Windows\system32\CRYPTSP.dll
    LoadedModule[82]=C:\Windows\system32\rsaenh.dll
    LoadedModule[83]=C:\Windows\system32\RpcRtRemote.dll
    LoadedModule[84]=C:\Windows\system32\SXS.DLL
    LoadedModule[85]=C:\Windows\System32\msxml3.dll
    LoadedModule[86]=C:\Program Files\Microsoft Forefront Threat Management Gateway\IPS\GapaEngine_1cdaaf6_d3af2500.dll
    LoadedModule[87]=C:\Windows\system32\WINTRUST.dll
    LoadedModule[88]=C:\Windows\System32\msxml6.dll
    LoadedModule[89]=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
    LoadedModule[90]=C:\Windows\system32\profapi.dll
    LoadedModule[91]=C:\Windows\system32\xmllite.dll
    LoadedModule[92]=C:\Windows\system32\security.dll
    LoadedModule[93]=C:\Windows\system32\schannel.dll
    LoadedModule[94]=C:\Windows\system32\NLAapi.dll
    LoadedModule[95]=C:\Windows\system32\napinsp.dll
    LoadedModule[96]=C:\Windows\System32\winrnr.dll
    LoadedModule[97]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MPEngine\{9F4AF8CE-0798-48D4-93C2-5663278FFD86}\mpengine.dll
    LoadedModule[98]=C:\Windows\system32\imagehlp.dll
    LoadedModule[99]=C:\Windows\system32\ncrypt.dll
    LoadedModule[100]=C:\Windows\system32\bcrypt.dll
    LoadedModule[101]=C:\Windows\system32\bcryptprimitives.dll
    LoadedModule[102]=C:\Windows\system32\USERENV.dll
    LoadedModule[103]=C:\Windows\system32\GPAPI.dll
    FriendlyEventName=Stopped working
    ConsentKey=APPCRASH
    AppName=Microsoft Firewall Service
    AppPath=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe

    Segue evento:

    Log Name:      Application
    Source:        Application Error
    Date:          15/10/2012 14:02:17
    Event ID:      1000
    Task Category: (100)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      SERVIDOR
    Description:
    Faulting application name: wspsrv.exe, version: 7.0.9193.540, time stamp: 0x4f7b29e5
    Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
    Exception code: 0xc0000005
    Fault offset: 0x0000000000052fc6
    Faulting process id: 0x630
    Faulting application start time: 0x01cdaaf6d390dbb4
    Faulting application path: C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report Id: 1273f1d8-16ea-11e2-a29d-00155d011e08
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Application Error" />
        <EventID Qualifiers="0">1000</EventID>
        <Level>2</Level>
        <Task>100</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2012-10-15T17:02:17.000000000Z" />
        <EventRecordID>72613</EventRecordID>
        <Channel>Application</Channel>
        <Computer>SERVIDOR</Computer>
        <Security />
      </System>
      <EventData>
        <Data>wspsrv.exe</Data>
        <Data>7.0.9193.540</Data>
        <Data>4f7b29e5</Data>
        <Data>ntdll.dll</Data>
        <Data>6.1.7601.17725</Data>
        <Data>4ec4aa8e</Data>
        <Data>c0000005</Data>
        <Data>0000000000052fc6</Data>
        <Data>630</Data>
        <Data>01cdaaf6d390dbb4</Data>
        <Data>C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe</Data>
        <Data>C:\Windows\SYSTEM32\ntdll.dll</Data>
        <Data>1273f1d8-16ea-11e2-a29d-00155d011e08</Data>
      </EventData>
    </Event>

    segunda-feira, 15 de outubro de 2012 17:09

Todas as Respostas

  • Boa tarde,

    Veja se o ajuda: http://support.nappliance.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=137


    Douglas Urbano

    segunda-feira, 15 de outubro de 2012 17:15
  • Boa tarde, Douglas.

    Executei o solicitado. Reiniciei o servidor e nada. Mesmo comportamento.

    segunda-feira, 15 de outubro de 2012 17:28
  • Bom dia, VMBox!

    Você não tem outra aplicação instalada neste servidor? 

    Estava procurando uma solução para você, e, o nosso amigo Junior, escreveu em um thread uma solução que ele encontrou para resolver este problema, veja se aplica ao teu ambiente:

    ==============================================================================================

    Ja passei por esse mesmo problema!

    A unica maneira que consegui resolver, foi instalado todos os patch's de atualizações do TMG SP2, e atualizando todo o Windows Server 2008 R2.
    Tem uma atualização de 300 MB ou mais não me lembro muito bem do Service Pack 3 SQL Server, essa atualização resolve esse problema do serviço não inciar do TMG.

    Junior Ramos

    Extraido de: http://social.technet.microsoft.com/Forums/pt/forefronttmgpt/thread/9b600ae5-480e-4ca9-be92-8521a890a0e7


    Douglas Urbano

    terça-feira, 16 de outubro de 2012 10:59
  • Obrigado Douglas por linkar a resolução ao amigo.

    De fato VMBox essa atualização resolve o seu problema.
    O TMG sem essa atualização perde a conexão com o banco de dados e nao consegue autenticar usuario e senha, sem esse acesso o serviço não sobe onde gera um transtorno danado.

    Abraços.


    Júnior Ramos | Analista em Tecnologia da informação| MCPID: 8549133 | Msn/e-mail: Consultoriaemredes@live.com | Fone: (47) 8417 - 3475 |

    terça-feira, 16 de outubro de 2012 14:44
  • Quer dizer atualizar o SP do SQL?
    quarta-feira, 17 de outubro de 2012 13:56
  • Exatamente amigo, como dito acima essa atualização corrige esse problema relacionado ao conexão ao banco do SQL Server.

    abs


    Júnior Ramos | Analista em Tecnologia da informação| MCPID: 8549133 | Msn/e-mail: Consultoriaemredes@live.com | Fone: (47) 8417 - 3475 |

    quarta-feira, 17 de outubro de 2012 14:11
  • SP3 atualizado e nenhuma mudança no comportamento do problema.
    segunda-feira, 3 de dezembro de 2012 13:35
  • VMBox,

    Atendo diversos clientes com TMG, e tambem diversos cenários onde o mesmo atua.
    Oque voce deve se atentar, é em algumas mudanças que foram feitas nesse teu servidor, até então.
    Quando passei pelo mesmo problema, solucionei da forma já descrita acima.
    Verifique tudo no servidor, realize uma auditoria com antivirus etc..
    Veja se a conta de serviços de rede esta com privilégios para iniciar o serviço.

    abs


    Júnior Ramos | MCITP | MCSA | MCTS | MCC | MCP Consultor em Tecnologia da Informação. Consultoriaemredes@live.com (47) 8417 -3475

    segunda-feira, 3 de dezembro de 2012 13:57
  • Essa máquina foi instalada do zero. Todos os patchs atualizados. O antivirus está atualizado e mandei fazer o scan full hoje pela manhã e nada.

    Acabei de incluir o serviço de rede para logar como serviço, sem mudança também.

    Todos os outros serviços do TMG estão no ar só o serviço de firewall que não sobe nem com reza brava!

    Eu abilitei o APP Crash report e é isso que ele está pegando:

    Version=1
    EventType=APPCRASH
    EventTime=129990191916789040
    ReportType=2
    Consent=1
    ReportIdentifier=4b1a6b9e-3d57-11e2-bb53-00155d011e08
    IntegratorReportIdentifier=4b1a6b9d-3d57-11e2-bb53-00155d011e08
    Response.type=4
    Sig[0].Name=Application Name
    Sig[0].Value=wspsrv.exe
    Sig[1].Name=Application Version
    Sig[1].Value=7.0.9193.540
    Sig[2].Name=Application Timestamp
    Sig[2].Value=4f7b29e5
    Sig[3].Name=Fault Module Name
    Sig[3].Value=ntdll.dll
    Sig[4].Name=Fault Module Version
    Sig[4].Value=6.1.7601.17725
    Sig[5].Name=Fault Module Timestamp
    Sig[5].Value=4ec4aa8e
    Sig[6].Name=Exception Code
    Sig[6].Value=c0000005
    Sig[7].Name=Exception Offset
    Sig[7].Value=0000000000052fc6
    DynamicSig[1].Name=OS Version
    DynamicSig[1].Value=6.1.7601.2.1.0.272.7
    DynamicSig[2].Name=Locale ID
    DynamicSig[2].Value=1046
    DynamicSig[22].Name=Additional Information 1
    DynamicSig[22].Value=37a0
    DynamicSig[23].Name=Additional Information 2
    DynamicSig[23].Value=37a0d6687c627a0d287febff218c105b
    DynamicSig[24].Name=Additional Information 3
    DynamicSig[24].Value=75fa
    DynamicSig[25].Name=Additional Information 4
    DynamicSig[25].Value=75fa28c63982e40819825ed9d90b9563
    UI[2]=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe
    UI[5]=Check online for a solution (recommended)
    UI[6]=Check for a solution later (recommended)
    UI[7]=Close
    UI[8]=Microsoft Firewall Service stopped working and was closed
    UI[9]=A problem caused the application to stop working correctly. Windows will notify you if a solution is available.
    UI[10]=&Close
    LoadedModule[0]=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe
    LoadedModule[1]=C:\Windows\SYSTEM32\ntdll.dll
    LoadedModule[2]=C:\Windows\system32\kernel32.dll
    LoadedModule[3]=C:\Windows\system32\KERNELBASE.dll
    LoadedModule[4]=C:\Windows\system32\ADVAPI32.dll
    LoadedModule[5]=C:\Windows\system32\msvcrt.dll
    LoadedModule[6]=C:\Windows\SYSTEM32\sechost.dll
    LoadedModule[7]=C:\Windows\system32\RPCRT4.dll
    LoadedModule[8]=C:\Windows\system32\ATL.DLL
    LoadedModule[9]=C:\Windows\system32\USER32.dll
    LoadedModule[10]=C:\Windows\system32\GDI32.dll
    LoadedModule[11]=C:\Windows\system32\LPK.dll
    LoadedModule[12]=C:\Windows\system32\USP10.dll
    LoadedModule[13]=C:\Program Files\Microsoft Forefront Threat Management Gateway\RATLIB.dll
    LoadedModule[14]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPSEC.dll
    LoadedModule[15]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpc.DLL
    LoadedModule[16]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcui.DLL
    LoadedModule[17]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcstg.DLL
    LoadedModule[18]=C:\Windows\system32\ole32.dll
    LoadedModule[19]=C:\Windows\system32\OLEAUT32.dll
    LoadedModule[20]=C:\Windows\system32\ACTIVEDS.dll
    LoadedModule[21]=C:\Windows\system32\adsldpc.dll
    LoadedModule[22]=C:\Windows\system32\WLDAP32.dll
    LoadedModule[23]=C:\Windows\system32\NTDSAPI.dll
    LoadedModule[24]=C:\Windows\system32\WS2_32.dll
    LoadedModule[25]=C:\Windows\system32\NSI.dll
    LoadedModule[26]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPAPI.dll
    LoadedModule[27]=C:\Program Files\Microsoft Forefront Threat Management Gateway\WSPAPI.dll
    LoadedModule[28]=C:\Program Files\Microsoft Forefront Threat Management Gateway\PREAPI.dll
    LoadedModule[29]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MANAGEDAPI.dll
    LoadedModule[30]=C:\Program Files\Microsoft Forefront Threat Management Gateway\W3PAPI.dll
    LoadedModule[31]=C:\Windows\system32\NETAPI32.dll
    LoadedModule[32]=C:\Windows\system32\netutils.dll
    LoadedModule[33]=C:\Windows\system32\srvcli.dll
    LoadedModule[34]=C:\Windows\system32\wkscli.dll
    LoadedModule[35]=C:\Windows\system32\LOGONCLI.DLL
    LoadedModule[36]=C:\Windows\system32\DSROLE.DLL
    LoadedModule[37]=C:\Windows\system32\WSOCK32.dll
    LoadedModule[38]=C:\Windows\system32\urlmon.dll
    LoadedModule[39]=C:\Windows\system32\WININET.dll
    LoadedModule[40]=C:\Windows\system32\SHLWAPI.dll
    LoadedModule[41]=C:\Windows\system32\iertutil.dll
    LoadedModule[42]=C:\Windows\system32\CRYPT32.dll
    LoadedModule[43]=C:\Windows\system32\MSASN1.dll
    LoadedModule[44]=C:\Windows\system32\msi.dll
    LoadedModule[45]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpccom.DLL
    LoadedModule[46]=C:\Windows\system32\IPHLPAPI.DLL
    LoadedModule[47]=C:\Windows\system32\WINNSI.DLL
    LoadedModule[48]=C:\Windows\system32\SAMCLI.DLL
    LoadedModule[49]=C:\Windows\system32\Secur32.dll
    LoadedModule[50]=C:\Windows\system32\SSPICLI.DLL
    LoadedModule[51]=C:\Windows\system32\DNSAPI.dll
    LoadedModule[52]=C:\Windows\system32\WTSAPI32.dll
    LoadedModule[53]=C:\Program Files\Microsoft Forefront Threat Management Gateway\sidahlpr.dll
    LoadedModule[54]=C:\Windows\system32\PSAPI.DLL
    LoadedModule[55]=C:\Windows\system32\VERSION.dll
    LoadedModule[56]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSPHLPR.dll
    LoadedModule[57]=C:\Windows\system32\RASAPI32.dll
    LoadedModule[58]=C:\Windows\system32\rasman.dll
    LoadedModule[59]=C:\Windows\system32\AUTHZ.dll
    LoadedModule[60]=C:\Windows\system32\Normaliz.dll
    LoadedModule[61]=C:\Program Files\Microsoft Forefront Threat Management Gateway\RpcFltr.DLL
    LoadedModule[62]=C:\Program Files\Microsoft Forefront Threat Management Gateway\msfpcregexp.dll
    LoadedModule[63]=C:\Windows\system32\MSWSOCK.dll
    LoadedModule[64]=C:\Windows\system32\WINHTTP.dll
    LoadedModule[65]=C:\Windows\system32\webio.dll
    LoadedModule[66]=C:\Windows\system32\IMM32.DLL
    LoadedModule[67]=C:\Windows\system32\MSCTF.dll
    LoadedModule[68]=C:\Windows\system32\DBGHELP.DLL
    LoadedModule[69]=C:\Windows\system32\CRYPTBASE.dll
    LoadedModule[70]=C:\Windows\System32\wshtcpip.dll
    LoadedModule[71]=C:\Windows\System32\wship6.dll
    LoadedModule[72]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MSFPC.SYS
    LoadedModule[73]=C:\Windows\system32\dhcpcsvc6.DLL
    LoadedModule[74]=C:\Windows\system32\dhcpcsvc.DLL
    LoadedModule[75]=C:\Windows\system32\CLBCatQ.DLL
    LoadedModule[76]=C:\Program Files\Microsoft Forefront Threat Management Gateway\EmpScan.dll
    LoadedModule[77]=C:\Windows\system32\SHELL32.dll
    LoadedModule[78]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MpUtil.DLL
    LoadedModule[79]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MpHashLib.DLL
    LoadedModule[80]=C:\Windows\system32\credssp.dll
    LoadedModule[81]=C:\Windows\system32\CRYPTSP.dll
    LoadedModule[82]=C:\Windows\system32\rsaenh.dll
    LoadedModule[83]=C:\Windows\system32\RpcRtRemote.dll
    LoadedModule[84]=C:\Windows\system32\SXS.DLL
    LoadedModule[85]=C:\Windows\System32\msxml3.dll
    LoadedModule[86]=C:\Program Files\Microsoft Forefront Threat Management Gateway\IPS\GapaEngine_1cdd164_c2e5430.dll
    LoadedModule[87]=C:\Windows\system32\WINTRUST.dll
    LoadedModule[88]=C:\Windows\System32\msxml6.dll
    LoadedModule[89]=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
    LoadedModule[90]=C:\Windows\system32\profapi.dll
    LoadedModule[91]=C:\Windows\system32\xmllite.dll
    LoadedModule[92]=C:\Windows\system32\security.dll
    LoadedModule[93]=C:\Windows\system32\schannel.dll
    LoadedModule[94]=C:\Windows\system32\NLAapi.dll
    LoadedModule[95]=C:\Windows\system32\napinsp.dll
    LoadedModule[96]=C:\Windows\System32\winrnr.dll
    LoadedModule[97]=C:\Program Files\Microsoft Forefront Threat Management Gateway\MPEngine\{9F4AF8CE-0798-48D4-93C2-5663278FFD86}\mpengine.dll
    LoadedModule[98]=C:\Windows\system32\imagehlp.dll
    LoadedModule[99]=C:\Windows\system32\ncrypt.dll
    LoadedModule[100]=C:\Windows\system32\bcrypt.dll
    LoadedModule[101]=C:\Windows\system32\bcryptprimitives.dll
    LoadedModule[102]=C:\Windows\system32\USERENV.dll
    LoadedModule[103]=C:\Windows\system32\GPAPI.dll
    FriendlyEventName=Stopped working
    ConsentKey=APPCRASH
    AppName=Microsoft Firewall Service
    AppPath=C:\Program Files\Microsoft Forefront Threat Management Gateway\wspsrv.exe

    segunda-feira, 3 de dezembro de 2012 14:42
  • O problema estava no arquivo de configuração do backup.

    Criei outro servidor e instalei o TMG do zero novamente. Recriei todas as regras e o problema não voltou a acontecer.

    segunda-feira, 4 de março de 2013 17:03
  • Opa, só uma coisa, usar A.V. no servidor TMG não é uma boa prática ok?! Pode até ser isso. NÃO instale a.v. na estação.

    Está usando DB do próprio TMG ou SQL separado? Tá instalando alguma coisa que use banco de dados?

    Muitas vezes tenho problemas com o antigo isa, pq nessas estações que usava o isa 2006 eu instalava o Symantec Endpoint Protection que usa um db também... aí dava altos problemas para iniciar o serviço.


    []´s Walter Ferry Dissmann

    segunda-feira, 4 de março de 2013 19:38
  • Boa tarde,

    No caso da WalterFD realmente acontece com o Symantec, para isso, se tiver este antivirus de solução, tem que instalar a opção minima para servidor, na console, existe esta opção para o caso de Exchange e Firewall.

    Bem lembrando Walter.


    Douglas Urbano


    segunda-feira, 4 de março de 2013 19:58
  • Nem me atrevo a instalar qualquer tipo de a.v. no TMG com medo desses "probleminhas". No ISA já peguei as manhas para evitar problemas ehehe!

    É necessário colocar na excessão algumas pastas do TMG e do WINDOWS para que não tenha problemas.


    []´s Walter Ferry Dissmann

    segunda-feira, 4 de março de 2013 20:03