I just installed the latest version (1.4) from the code download and it is exhibiting trojan-like behavior.
After starting the app to demo and clicking around a few pages, ESET Smart Security alerted me that Visual Studio 2008's integrated web server (WebDev.WebServer.exe) was trying to communicate to a remote computer. 72.76.7bae.static.theplanet.com I denied the request and after a few seconds, it tried to communicate to the same server. It also tried to communicate to lander.sitesense-oo.com
Another thing that leads me to believe it is tied to the site code/behavior is that when I tried to go to the Admin section, the outbound message appeared. I denied it. And it reappeared. After denying it a couple more times, I just left that window open and moved it to the side. But what I noticed was that NopCommerce was stuck and not loading the Admin site. I re-clicked the Admin button/link and it still went nowhere.
Finally, I re-denied the outbound communication like 4 more time and it stopped popping up and it was at that point that the Admin site loaded itself. That outbound request has to be tied to some Request or Response code somewhere...
I tried doing a search for both of those URLs in the source code with no luck. Since I just now installed it, I haven't done an exhaustive search on what could be happening here, but it looks quite suspicious. If someone hacking into the download system and placed malicious code or dlls into the code, that would suck.
Any other possible reason's for this? Has anyone else encounteded this?
Thanks in advance.