I stupidly installed Tencent (腾讯) QQ to talk to Chinese people. Tencent is a big company in China, like Facebook in America, and everyone uses QQ. It rootkitted me and I should have realized it, but I didn't for a while. But the other day I happened to see some kernel code and it didn't look right. So...
Anyway, I'm hoping I can just do a restore from the laptop's system partition or whatever, but I was kind of curious about what this stuff does. I assume that it collects everything I say or do and sends it to Tencent and from there to the Chinese government, but I'm still curious.
So I wrote a little program with some library loader code I wrote a while back, and I wanted to try and catch some of the hidden processes running with it. This seems like a simple trick, and I might end up finding an easier way of doing it but...
The thing is, I think Tencent is hiding a bunch of libraries that the kernel uses and that they have their own library loader to ensure that their libraries are loaded.
I'm hoping that someone can send me a big zip file full of the libraries I'm missing, 32-bit stuff for Windows 10, preferably 10.0.15063, though the api-ms-win-core-api-query-l1-1-0.dll I have is 6.2.9200.16384, so maybe the version doesn't matter so much as long as it's the 32-bit syswow libraries from an x64 machine. Or tell me where I can get this stuff.
Edited by peterius, 22 July 2017 - 07:26 AM.