A few problems...

Discussion in 'Acronis True Image Product Line' started by vectrose, May 24, 2005.

Thread Status:
Not open for further replies.
  1. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    Hello. I installed TI yesterday and am having some issues and am wondering if I am doing something wrong here.

    1. When trying to make an image of my C drive to my D drive (both are separate disks) it is so slow that it was going to take 16 hours. I left it alone for an hour or so and it still showed around 15 hours. Later I tried it after uninstalling it and reinstalling and getting the latest patch it said 2 days!! What's up with that?

    2. Why is trueimage.exe launching my web browser to go to places like “googleadservice.com”, and “server.iad.liveperson.net”. Is this program full of spyware or what??

    Thanks in advance for any insight on this.
     
  2. MiniMax

    MiniMax Registered Member

    Joined:
    Mar 17, 2005
    Posts:
    566
    Are you sure your True Image is the real stuffo_O True Image don't contain ad-ware, and do not connect to the Internet.
     
  3. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    Yes it is the "real version" It even came with a serial number to register. I noticed yesterday when I installed it that Sygate Personal Firewall indicated this "Application Hijacking has been detected
    The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host www.googleadservices.com"

    and this "Application Hijacking has been detected
    The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host server.iad.liveperson.net"

    Those were from the log on Sygate firewall.

    I didn't like the looks of that at all. I also emailed tech support about it. No response yet.
     
  4. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, vectrose

    Where did you buy it?

    Strange, googleadservice.com”, and “server.iad.liveperson.net”. are part of the Acronis Web Page, from the Info I get with OutPost in block most mode [all on ask], can not understand why Ti is trying to go "Home". I never had it it try.

    Take Care,
    TheQuest :cool:
     
  5. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello vectrose,

    Thank you for choosing Acronis Disk Backup Software.

    Could you please tell me your Acronis request # which was sent to you in autoreply to your letter?

    Thank you.
    --
    Irina Shirokova
     
  6. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    The number automatically emailed back to me is Acronis #275365 and still no reply as of today.....
     
  7. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    A member here asked where it was purchased. It was bought from Amazon.
     
  8. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    Well, Acronis got back to me to try some snapAPI file from their download area and now I can make a backup. Now regarding the hijacking problem, they responded with "the issue with Sygate Personal Firewall has been forwarded to our test team". :rolleyes: Hmmm... this makes me wonder where the issue is. As indicated prior I had this report from Sygate after installing ATI.
    "Application Hijacking has been detected
    The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host HYPERLINK "http://www.googleadservices.com/"www.googleadservices.com"

    and this

    "Application Hijacking has been detected
    The application: C:\Program Files\Acronis\TrueImage\TrueImage.exe try to launch another application: C:\Program Files\Internet Explorer\IEXPLORE.EXE to go to remote host server.iad.liveperson.net"

    Any other users have this program call home? Is this spyware, adware or something else. I have not much experience with these issues.
     
  9. jmk94903

    jmk94903 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    3,329
    Location:
    San Rafael, CA
    Did you receive a disk with the Acronis logos or did you download the program? If it was a download, I wonder what you got. If it was a disk, you might send Tech Support a photo of it to confirm it looks good.

    Alternatively, you can register and download the current version directly from Acronis and uninstall what you bought.

    I've never seen TI contact the Internet.
     
  10. Suki

    Suki Guest

    The last few builds of TI Corp. Workstation have indeed wanted to call home. When the firewall blocks this, TI still works fine.
     
  11. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    This was purchased at Amazon and came as a cd with a box - just like in the stores so there should be no problem there. Also, I registered it and installed the update after uninstalling the original program as indicated in the sticky on this forum.

    It begs the question however, why is this program trying to call home and what information is it sharing? Especially after the tech response of it being a Sygate firewall issue and not taking responsibility for their own program.

    Anybody want to start an early bid on this program before I scrap it on Ebay?
     
  12. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    Hi Vectrose, never saw Acronis try to call out or anything o_O You are sure the problem is not related to possible infections on YOUR system?
     
  13. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    I am sure it is NOT my system. Sygate reported the hijacking. As indicated above from TheQuest, "googleadservice.com", and "server.iad.liveperson.net".
    are part of the Acronis Web Page. Coincidence... I think not! Also above
    Suki noted that TI Corp calls home kinda confirms this issue.

    Had a response back from Acronis Support "for the issue with your Sygate Personal Firewall please apply to its support."

    Nice.
     
  14. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello vectrose and Suki,

    Thank you for choosing Acronis Backup Software.

    First of all, I would like to assure that there shouldn't be any spyware, adware, etc. in Acronis True Image that is why we certainly need to investigate the problem. I am sure there should be a fix available.

    Could you please do the following:

    - Download and unpack the checksum utility from http://www.acronis.com/files/support/xcsc.zip
    - Run the application and click on the ellipsis sign to browse and select the installation package of Acronis True Image (latest build) you downloaded;
    - The MD5 value for Acronis True Image 8.0 (build 826) must be 3FD6CACDE0700EC33D4A2C7A2B9B28A0
    and for Acronis True Image Corporate Workstation (build 1143) E917859C9170D36DF617ED0560859EFD

    We have tested these products and there is no spyware or anyhting of this sort. Is it possible that the spyware got to the computer insome other way and hijacked the first site you visited after that?

    Thank you.
    --
    Ilya Toytman
     
  15. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    Thanks for the response Ilya. I run a few applications to prevent the kind of adware and such that can cause so many problems. I am currently using Sygate Personal Firewall, latest versions of Adaware, Spybot Search & Destroy and Spywareblaster. Incidently when I ran Adaware, it picked up the server.iad.liveperson.net as a dataminer and so I deleted the cookie.

    Can you confirm if server.iad.liveperson.net is part of the Acronis web page as indicated from user "TheQuest"? If it is, then both the Sygate Firewall, and Adaware are indicating false alarms. Not very likely IMHO.

    A quick search on google groups finds some interesting data on server.iad.liveperson.net, which indeed seems to be a dataminer. So, the question remains... is server.iad.liveperson.net part of the Acronis web pages?

    Thanks.
     
  16. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    Ilya, I ran the checksum tool and the MD5 value for Acronis True Image 8.0 (build 826) it is indeed 3FD6CACDE0700EC33D4A2C7A2B9B28A0. Now, I am wondering if the hijacking took place on this version, or the original cd version.

    I wonder if anyone is clever enough to investigate if server.iad.liveperson.net part of the Acronis web pages? That would really be the concern here.

    Thanks for taking the time to look into this.
     
  17. beenthereb4

    beenthereb4 Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    568
    Yeah, it's the "Click here for live support" icon.
     
  18. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, vectrose

    I am not and not trying to prove myself at being clever, but as I said before my firewall is both Good and Clever:-

    Just been there, this is a few lines from my firewalls DNS Cache:-

    00:56:00 www.googleadservices.com New record 216.239.63.96, 64.233.171.96, 66.102.11.96, 216.239.57.96

    00:55:55 server.iad.liveperson.net New record 198.65.119.21

    00:5:53 www.acronis.com Cache hits 69.64.46.85


    Is that of any help, check yours.

    Take Care,
    TheQuest :cool:
     
  19. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello vectrose,

    TheQuest is right and server.iad.liveperson.net is a part of Acronis web-site. It is used for proper functionality Acronis Live Chat with the Sales Representative. However, it doesn't collect any info from your computer, it only shows how many people are there on the web-site, i.e. it just controls whether you are still on the site or not.

    Thank you.
    --
    Ilya Toytman
     
  20. vectrose

    vectrose Registered Member

    Joined:
    May 24, 2005
    Posts:
    14
    :) Thanks for the replys on this issue. I was concerned that there may be some kind of spyware with this program especially after researching the hijacking Sygate reported. Perhaps Sygate is too sensitive. I am not computer savy enough to determine the DNS cache indicated by TheQuest, so as long as it seems good to go then I will continue to use it.

    Cheers.
     
  21. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, vectrose

    It is part of my firewall logs, as I do not use Sygate firewall, I am sorry I can not tell you where to look for yours.

    Take Care,
    TheQuest :cool:
     
  22. Ed Y

    Ed Y Registered Member

    Joined:
    Oct 18, 2004
    Posts:
    86
    It's not all that unusual for firewall, adaware and spyware programs to report false positives. Most of them have the means to allow you to identify those that are legit and authorize them so the message doesn't appear again.
     
Thread Status:
Not open for further replies.