5th October 2009 - Isomorphic behaviors
By Marc Blanchard [Virus Docteur], Monday 5 October 2009 at 23:52 :: Epidemiology - english section - :: #80
Following the push of the DLL, I was waiting for the order... Here it is: the probe sent the order to the computer.
- The alarm is:
Robotization MAP on hybrid network has detected a suspicious activity :
Date : Mon-05-Oct-2009_23_47_41
Suspicious file : c:\windows\system32\Restore\MachineGuid.txt
This file contains only a signature, which gives an order to the soldier computer:
Data dumped in file offset: 0x0 File format: txt
7b 00 41 00 31 00 34 00 30 00 37 00 32 00 39 00 ; 00000 { A 1 4 0 7 2 9
32 00 2d 00 44 00 37 00 39 00 45 00 2d 00 34 00 ; 00010 2 - D 7 9 E - 4
32 00 34 00 37 00 2d 00 39 00 42 00 36 00 46 00 ; 00020 2 4 7 - 9 B 6 F
2d 00 42 00 36 00 30 00 39 00 43 00 44 00 37 00 ; 00030 - B 6 0 9 C D 7
31 00 37 00 41 00 46 00 38 00 7d 00 00 00 ; 00040 1 7 A F 8 }
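As an added example (not part of the original post and not the author's tooling), the following Python script rebuilds the bytes from the dump above, checks that the offsets are contiguous, decodes the content as UTF-16LE and parses it as a GUID. The function names are hypothetical; the dump lines are copied from the post.

```python
import re
import uuid

# The dump lines exactly as shown above: hex bytes ; offset  ASCII view
DUMP = """\
7b 00 41 00 31 00 34 00 30 00 37 00 32 00 39 00 ; 00000 { A 1 4 0 7 2 9
32 00 2d 00 44 00 37 00 39 00 45 00 2d 00 34 00 ; 00010 2 - D 7 9 E - 4
32 00 34 00 37 00 2d 00 39 00 42 00 36 00 46 00 ; 00020 2 4 7 - 9 B 6 F
2d 00 42 00 36 00 30 00 39 00 43 00 44 00 37 00 ; 00030 - B 6 0 9 C D 7
31 00 37 00 41 00 46 00 38 00 7d 00 00 00 ; 00040 1 7 A F 8 }
"""

# One or more hex byte pairs, then ';', then the hexadecimal offset column.
LINE_RE = re.compile(r"^((?:[0-9a-fA-F]{2}\s+)+);\s*([0-9a-fA-F]+)")


def parse_dump(text):
    """Rebuild the raw bytes, checking each line's offset against the running length."""
    data = bytearray()
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip headers or blank lines
        if int(m.group(2), 16) != len(data):
            raise ValueError(f"offset gap at {m.group(2)}: dump is incomplete")
        data += bytes.fromhex(m.group(1))
    return bytes(data)


def decode_marker(raw):
    """Decode UTF-16LE text, drop the NUL terminator, and parse it as a GUID."""
    if len(raw) % 2:
        raise ValueError("odd byte count: not UTF-16")
    text = raw.decode("utf-16-le").rstrip("\x00")
    if not (text.startswith("{") and text.endswith("}")):
        raise ValueError("not a brace-wrapped GUID string")
    return text, uuid.UUID(text)  # uuid.UUID accepts the braced form


if __name__ == "__main__":
    raw = parse_dump(DUMP)
    text, guid = decode_marker(raw)
    print(len(raw), "bytes:", text)
    print("UUID version:", guid.version, "variant:", guid.variant)
```

The 78 bytes decode to a NUL-terminated, brace-wrapped GUID string whose version nibble is 4.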