Known Malicious traffic between PC and aida64 server

[szrobi]

IDS detect network trojan traffic between PC and Aida64 server (82.131.160.82). It is more or less continuous (not only update/check)

Signature: ET TROJAN Known Malicious User-Agent (x) Win32/Tracur.A or OneStep Adware Related

What traffic is suppose to happen between this server and a client using the software?

[Fiery]

1 hour ago, szrobi said:

IDS detect network trojan traffic between PC and Aida64 server (82.131.160.82). It is more or less continuous (not only update/check)

Signature: ET TROJAN Known Malicious User-Agent (x) Win32/Tracur.A or OneStep Adware Related

What traffic is suppose to happen between this server and a client using the software?

I'm pretty sure that activity is not related to the clean AIDA64 build that you can download from our website.  Your AIDA64 copy may be infected or otherwise altered (cracked, hijacked, etc).

Basically there are 2 distinct internet activities that AIDA64 performs between the user's computer and our servers.  The first one is related to the auto-update feature, and should happen in the frequency you choose in AIDA64 / main menu / File / Preferences / General / NetUpdate.  You can completely disable the auto-update check there, if you wish.

The other activity only happens if you have the External IP Address sensor item placed on your OSD Panel, SensorPanel, LCD, log file, or used as an External Applications item.  That activity is repeated every 15 minutes while you keep AIDA64 running.  It simply pings our servers to obtain the external IP address of the user's computer.  The repeat frequency is set to 15 minutes in order to avoid putting too much pressure on our servers.

[szrobi]

Thanks - it resolves the problem, external IP monitoring for external applications was enabled. After disabling no more alert.

Regards,

Robert