I know that there are ways to use .net for altering user rights by using scripts and then compiling them etc. Something i’ve faced before but i couldn’t make up what it really is. I guess some attacker has connected to a computer and used putty to upload some data. Then managed to install a file named x.exe and the owner of that comp. reported that visual .net command started by itself (or an attacker did this who knows?) occassionally but not on meaningful intervals.Sometimes once 1 in 2 days and another time twice a week and so. I advised that owner to uninstall all .net tools framevork visual studio. and also that x.exe thing….he installed spybot then tightened his security settings to leave the minimum open port bundle as possible. Here my quesiton is what kind of an attack is this one. And what are possible threats and causes?
