A few problems...

Hello. I installed TI yesterday and am having some issues and am wondering if I am doing something wrong here.

1. When trying to make an image of my C drive to my D drive (both are separate disks) it is so slow that it was going to take 16 hours. I left it alone for an hour or so and it still showed around 15 hours. Later I tried it after uninstalling it and reinstalling and getting the latest patch it said 2 days!! What's up with that?

2. Why is trueimage.exe launching my web browser to go to places like “googleadservice.com”, and “server.iad.liveperson.net”. Is this program full of spyware or what??

Thanks in advance for any insight on this.

 

Are you sure your True Image is the real stuff True Image don't contain ad-ware, and do not connect to the Internet.

 

Yes it is the "real version" It even came with a serial number to register. I noticed yesterday when I installed it that Sygate Personal Firewall indicated this "Application Hijacking has been detected
The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host www.googleadservices.com"

and this "Application Hijacking has been detected
The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host server.iad.liveperson.net"

Those were from the log on Sygate firewall.

I didn't like the looks of that at all. I also emailed tech support about it. No response yet.

 

Hi, vectrose

Where did you buy it?

Strange, googleadservice.com”, and “server.iad.liveperson.net”. are part of the Acronis Web Page, from the Info I get with OutPost in block most mode [all on ask], can not understand why Ti is trying to go "Home". I never had it it try.

Take Care,
TheQuest

 

Hello vectrose,

Thank you for choosing Acronis Disk Backup Software.

Could you please tell me your Acronis request # which was sent to you in autoreply to your letter?

Thank you.
--
Irina Shirokova

 

The number automatically emailed back to me is Acronis #275365 and still no reply as of today.....

 

A member here asked where it was purchased. It was bought from Amazon.

 

Well, Acronis got back to me to try some snapAPI file from their download area and now I can make a backup. Now regarding the hijacking problem, they responded with "the issue with Sygate Personal Firewall has been forwarded to our test team". Hmmm... this makes me wonder where the issue is. As indicated prior I had this report from Sygate after installing ATI.
"Application Hijacking has been detected
The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host HYPERLINK "http://www.googleadservices.com/"www.googleadservices.com"

and this

"Application Hijacking has been detected
The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host server.iad.liveperson.net"

Any other users have this program call home? Is this spyware, adware or something else. I have not much experience with these issues.

 

Did you receive a disk with the Acronis logos or did you download the program? If it was a download, I wonder what you got. If it was a disk, you might send Tech Support a photo of it to confirm it looks good.

Alternatively, you can register and download the current version directly from Acronis and uninstall what you bought.

I've never seen TI contact the Internet.

 

The last few builds of TI Corp. Workstation have indeed wanted to call home. When the firewall blocks this, TI still works fine.

 

This was purchased at Amazon and came as a cd with a box - just like in the stores so there should be no problem there. Also, I registered it and installed the update after uninstalling the original program as indicated in the sticky on this forum.

It begs the question however, why is this program trying to call home and what information is it sharing? Especially after the tech response of it being a Sygate firewall issue and not taking responsibility for their own program.

Anybody want to start an early bid on this program before I scrap it on Ebay?

 

Hi Vectrose, never saw Acronis try to call out or anything You are sure the problem is not related to possible infections on YOUR system?

 

I am sure it is NOT my system. Sygate reported the hijacking. As indicated above from TheQuest, "googleadservice.com", and "server.iad.liveperson.net".
are part of the Acronis Web Page. Coincidence... I think not! Also above
Suki noted that TI Corp calls home kinda confirms this issue.

Had a response back from Acronis Support "for the issue with your Sygate Personal Firewall please apply to its support."

Nice.

 

Hello vectrose and Suki,

Thank you for choosing Acronis Backup Software.

First of all, I would like to assure that there shouldn't be any spyware, adware, etc. in Acronis True Image that is why we certainly need to investigate the problem. I am sure there should be a fix available.

Could you please do the following:

- Download and unpack the checksum utility from http://www.acronis.com/files/support/xcsc.zip
- Run the application and click on the ellipsis sign to browse and select the installation package of Acronis True Image (latest build) you downloaded;
- The MD5 value for Acronis True Image 8.0 (build 826) must be 3FD6CACDE0700EC33D4A2C7A2B9B28A0
and for Acronis True Image Corporate Workstation (build 1143) E917859C9170D36DF617ED0560859EFD

We have tested these products and there is no spyware or anyhting of this sort. Is it possible that the spyware got to the computer insome other way and hijacked the first site you visited after that?

Thank you.
--
Ilya Toytman

 

Thanks for the response Ilya. I run a few applications to prevent the kind of adware and such that can cause so many problems. I am currently using Sygate Personal Firewall, latest versions of Adaware, Spybot Search & Destroy and Spywareblaster. Incidently when I ran Adaware, it picked up the server.iad.liveperson.net as a dataminer and so I deleted the cookie.

Can you confirm if server.iad.liveperson.net is part of the Acronis web page as indicated from user "TheQuest"? If it is, then both the Sygate Firewall, and Adaware are indicating false alarms. Not very likely IMHO.

A quick search on google groups finds some interesting data on server.iad.liveperson.net, which indeed seems to be a dataminer. So, the question remains... is server.iad.liveperson.net part of the Acronis web pages?

Thanks.

 

Ilya, I ran the checksum tool and the MD5 value for Acronis True Image 8.0 (build 826) it is indeed 3FD6CACDE0700EC33D4A2C7A2B9B28A0. Now, I am wondering if the hijacking took place on this version, or the original cd version.

I wonder if anyone is clever enough to investigate if server.iad.liveperson.net part of the Acronis web pages? That would really be the concern here.

Thanks for taking the time to look into this.

 

Yeah, it's the "Click here for live support" icon.

 

Hi, vectrose

I am not and not trying to prove myself at being clever, but as I said before my firewall is both Good and Clever:-

Just been there, this is a few lines from my firewalls DNS Cache:-

00:56:00 www.googleadservices.com New record 216.239.63.96, 64.233.171.96, 66.102.11.96, 216.239.57.96

00:55:55 server.iad.liveperson.net New record 198.65.119.21

00:5:53 www.acronis.com Cache hits 69.64.46.85


Is that of any help, check yours.

Take Care,
TheQuest

 

Hello vectrose,

TheQuest is right and server.iad.liveperson.net is a part of Acronis web-site. It is used for proper functionality Acronis Live Chat with the Sales Representative. However, it doesn't collect any info from your computer, it only shows how many people are there on the web-site, i.e. it just controls whether you are still on the site or not.

Thank you.
--
Ilya Toytman

 

Thanks for the replys on this issue. I was concerned that there may be some kind of spyware with this program especially after researching the hijacking Sygate reported. Perhaps Sygate is too sensitive. I am not computer savy enough to determine the DNS cache indicated by TheQuest, so as long as it seems good to go then I will continue to use it.

Cheers.

 

Hi, vectrose

It is part of my firewall logs, as I do not use Sygate firewall, I am sorry I can not tell you where to look for yours.

Take Care,
TheQuest

 

It's not all that unusual for firewall, adaware and spyware programs to report false positives. Most of them have the means to allow you to identify those that are legit and authorize them so the message doesn't appear again.