Professional Rootkits (Programmer to Programmer)
My installation software preference for intended installation onto Microsoft Windows operating systems is InstallShield. The setup.exe and productName.msi files generated by InstallShield can be used by every major software management system to distribute software to every computer in the largest of networks, or an individual user can simply double-click the file to install a single copy.
Unfortunately, InstallShield is not free. If you are looking for a no-cost solution, you can write an application that copies the required files and creates the required registry entries. Ultimately, however, a professional rootkit will require professional installation techniques. Keep in mind that the price of the installation software will only go up, whereas your need for it will remain constant.
Another subcategory of intended installation is “intended by the company” but “not wanted by any user.” This is where the need for a professional installation meets the need to be stealthy. I have found that an InstallShield installation, installed by an SMS system, using “quiet” and “force restart” (msiexec) parameters, is the best approach. There is a slight need to obfuscate the name of the installation program, as this name will appear in the Add and Remove Programs applet, but something like “Microsoft Event Manager” or “OLE Service Controller” will virtually guarantee that users won’t remove the software just to see what happens.
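Because the chosen name is written to the Add and Remove Programs list, that same list is where an administrator can audit for it. The following PowerShell is an added example, not code from the book: it flags entries whose display name suggests a Microsoft or OS component while the recorded publisher is not Microsoft. The function name `Find-MasqueradingInstall`, the name pattern, the publisher pattern and the sample records are all assumptions made for illustration.

```powershell
# Added example: audit Add/Remove Programs entries for vendor-name masquerading.
# Heuristic (assumption): DisplayName looks like a Microsoft/OS component,
# but Publisher is empty or is not Microsoft.
function Find-MasqueradingInstall {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [psobject] $Entry,
        [string] $NamePattern      = '^(Microsoft|Windows|OLE)\b',
        [string] $TrustedPublisher = '^Microsoft( Corporation)?$'
    )
    process {
        if (-not $Entry.DisplayName) { return }                     # updates and stubs have no name
        if ($Entry.DisplayName -notmatch $NamePattern) { return }   # name makes no vendor claim
        if ($Entry.Publisher -match $TrustedPublisher) { return }   # claim matches publisher
        [pscustomobject]@{
            DisplayName   = $Entry.DisplayName
            Publisher     = if ($Entry.Publisher) { $Entry.Publisher } else { '<empty>' }
            InstallDate   = $Entry.InstallDate
            InstallSource = $Entry.InstallSource   # where the MSI was run from, if recorded
            Key           = $Entry.PSPath          # registry key; empty for constructed samples
        }
    }
}

# Constructed sample records (not real inventory data); the first two names are
# the ones quoted in the text above.
$sample = @(
    [pscustomobject]@{ DisplayName = 'Microsoft Event Manager'; Publisher = '';                      InstallDate = '20240105' }
    [pscustomobject]@{ DisplayName = 'OLE Service Controller';  Publisher = 'Example Tools Ltd';     InstallDate = '20240105' }
    [pscustomobject]@{ DisplayName = 'Microsoft Edge';          Publisher = 'Microsoft Corporation'; InstallDate = '20240102' }
    [pscustomobject]@{ DisplayName = '7-Zip';                   Publisher = 'Igor Pavlov';           InstallDate = '20231130' }
)
$sample | Find-MasqueradingInstall | Format-Table DisplayName, Publisher, InstallDate

# On a Windows host, run the same check against the machine-wide uninstall keys
# (64-bit and 32-bit views) that back the Add and Remove Programs list.
if (Test-Path 'HKLM:\') {
    $uninstallKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                     'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Find-MasqueradingInstall |
        Sort-Object InstallDate -Descending |
        Format-Table -AutoSize
}
```

The `Publisher` value is written by whoever built the installer, so a match is a lead for review rather than proof, and a clean result does not rule out a package that also copied the publisher string. Follow up by checking the Authenticode signature of the installed binaries and the deployment record in the software management system.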