BOOL STDCALL OSIncompatibleModulesLoaded()
{
StringList moduleList;
//Modules that will likely cause OBS to crash because they hooked it.
//This list is checked on stream start only.
if (!OSGetLoadedModuleList(GetCurrentProcess(), moduleList))
return 0;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("dxtorycore.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorycore64.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorymm.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorymm64.dll")) || //DXTory
!scmp(moduleName, TEXT("rtsshooks.dll")) || //EVGA Precision OSD
!scmp(moduleName, TEXT("axonoverlay.dll")) || //Dolby Axon
!scmp(moduleName, TEXT("action_x86.dll")) || //Action!
!scmp(moduleName, TEXT("action_x64.dll"))) //Action!
{
return 1;
}
else if (!scmp(moduleName, TEXT("atkdx11disp.dll"))) //ASUS GamerOSD
{
//ASUS GamerOSD is so terrible we can't even cleanly shutdown once it loads, trying to unload D3D crashes too (!)
CrashError (TEXT("ASUS GamerOSD has been detected. This program installs user mode driver hooks which will corrupt the Direct3D state and crash OBS. Please uninstall ASUS GamerOSD if you wish to use OBS."));
}
}
return 0;
}
BOOL STDCALL OSIncompatibleModulesLoaded()
{
StringList moduleList;
//Modules that will likely cause OBS to crash because they hooked it.
//This list is checked on stream start only.
if (!OSGetLoadedModuleList(GetCurrentProcess(), moduleList))
return 0;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("dxtorycore.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorycore64.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorymm.dll")) || //DXTory
!scmp(moduleName, TEXT("dxtorymm64.dll")) || //DXTory
!scmp(moduleName, TEXT("atkdx11disp.dll")) || //ASUS OSD
!scmp(moduleName, TEXT("rtsshooks.dll"))) //EVGA Precision OSD
{
return 1;
}
}
return 0;
}
BOOL IsWebrootLoaded()
{
BOOL ret = FALSE;
StringList moduleList;
OSGetLoadedModuleList (GetCurrentProcess(), moduleList);
HMODULE msIMG = GetModuleHandle(TEXT("MSIMG32"));
if (msIMG)
{
FARPROC alphaBlend = GetProcAddress(msIMG, "AlphaBlend");
if (alphaBlend)
{
if (!IsBadReadPtr(alphaBlend, 5))
{
BYTE opCode = *(BYTE *)alphaBlend;
if (opCode == 0xE9)
{
if (moduleList.HasValue(TEXT("wrusr.dll")))
ret = TRUE;
}
}
}
}
return ret;
}
//This function checks for DLLs that are known to cause problems, but we need to be more specific than a generic "incompatible modules"
//message. As we expect these to change often, I'm not bothering with localization. These DLLs are generally buggy drivers, malware, etc
VOID STDCALL OSCheckForBuggyDLLs ()
{
StringList moduleList;
if (!OSGetLoadedModuleList(GetCurrentProcess(), moduleList))
return;
if (moduleList.HasValue(TEXT("sendori.dll")))
{
Log(TEXT("BUGGY DLL DETECTED: sendori.dll"));
MessageBox (hwndMainAppWindow, TEXT("Your system appears to be infected with the Sendori malware, which can crash OBS and cause other problems. Please run a malware scan."), TEXT("Warning"), MB_ICONEXCLAMATION);
}
if (moduleList.HasValue(TEXT("qproxy.dll")))
{
Log(TEXT("BUGGY DLL DETECTED: qproxy.dll"));
MessageBox (hwndMainAppWindow, TEXT("Your system has an unknown LSP module installed which can cause OBS crashes / lag and other problems. Please remove qproxy.dll using a tool such as autoruns, or reset your TCP/IP settings (search KB299357 for more information)."), TEXT("Warning"), MB_ICONEXCLAMATION);
}
//FIXME: add a version check for bigfoot networks LSP (bfllr.dll), crashes OBS on old versions.
}
BOOL STDCALL OSIncompatibleModulesLoaded()
{
StringList moduleList;
if (!OSGetLoadedModuleList(GetCurrentProcess(), moduleList))
return 0;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("dxtorycore.dll")) ||
!scmp(moduleName, TEXT("dxtorycore64.dll")) ||
!scmp(moduleName, TEXT("dxtorymm.dll")) ||
!scmp(moduleName, TEXT("dxtorymm64.dll")))
{
return 1;
}
}
return 0;
}
void RefreshWindowList(HWND hwndCombobox, ConfigDialogData &configData)
{
SendMessage(hwndCombobox, CB_RESETCONTENT, 0, 0);
configData.ClearData();
HWND hwndCurrent = GetWindow(GetDesktopWindow(), GW_CHILD);
do
{
if(IsWindowVisible(hwndCurrent))
{
RECT clientRect;
GetClientRect(hwndCurrent, &clientRect);
String strWindowName;
strWindowName.SetLength(GetWindowTextLength(hwndCurrent));
GetWindowText(hwndCurrent, strWindowName, strWindowName.Length()+1);
HWND hwndParent = GetParent(hwndCurrent);
DWORD exStyles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_EXSTYLE);
DWORD styles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_STYLE);
if (strWindowName.IsValid() && sstri(strWindowName, L"battlefield") != nullptr)
exStyles &= ~WS_EX_TOOLWINDOW;
if((exStyles & WS_EX_TOOLWINDOW) == 0 && (styles & WS_CHILD) == 0 /*&& hwndParent == NULL*/)
{
BOOL bFoundModule = true;
DWORD processID;
GetWindowThreadProcessId(hwndCurrent, &processID);
if(processID == GetCurrentProcessId())
continue;
TCHAR fileName[MAX_PATH+1];
scpy(fileName, TEXT("unknown"));
char pOPStr[12];
mcpy(pOPStr, "NpflUvhel{x", 12);
for (int i=0; i<11; i++) pOPStr[i] ^= i^1;
OPPROC pOpenProcess = (OPPROC)GetProcAddress(GetModuleHandle(TEXT("KERNEL32")), pOPStr);
HANDLE hProcess = (*pOpenProcess)(PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, processID);
if(hProcess)
{
DWORD dwSize = MAX_PATH;
QueryFullProcessImageName(hProcess, 0, fileName, &dwSize);
StringList moduleList;
if (OSGetLoadedModuleList(hProcess, moduleList) && moduleList.Num())
{
//note: this doesn't actually work cross-bit, but we may as well make as much use of
//the data we can get.
bFoundModule = false;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("d3d9.dll")) ||
!scmp(moduleName, TEXT("d3d10.dll")) ||
!scmp(moduleName, TEXT("d3d10_1.dll")) ||
!scmp(moduleName, TEXT("d3d11.dll")) ||
!scmp(moduleName, TEXT("dxgi.dll")) ||
!scmp(moduleName, TEXT("d3d8.dll")) ||
!scmp(moduleName, TEXT("opengl32.dll")))
{
bFoundModule = true;
break;
}
}
if (!bFoundModule)
{
CloseHandle(hProcess);
continue;
}
}
CloseHandle(hProcess);
}
else
{
hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, processID);
if(hProcess)
{
configData.adminWindows << strWindowName;
CloseHandle(hProcess);
}
continue;
}
//-------
String strFileName = fileName;
strFileName.FindReplace(TEXT("\\"), TEXT("/"));
String strText;
strText << TEXT("[") << GetPathFileName(strFileName);
strText << TEXT("]: ") << strWindowName;
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)strText.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)hwndCurrent);
String strClassName;
strClassName.SetLength(256);
GetClassName(hwndCurrent, strClassName.Array(), 255);
strClassName.SetLength(slen(strClassName));
TCHAR *baseExeName;
baseExeName = wcsrchr(fileName, '\\');
if (!baseExeName)
baseExeName = fileName;
else
baseExeName++;
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = strClassName;
info.strExecutable = baseExeName;
info.bRequiresAdmin = false; //todo: add later
info.bFoundHookableModule = bFoundModule;
info.strExecutable.MakeLower();
}
}
} while (hwndCurrent = GetNextWindow(hwndCurrent, GW_HWNDNEXT));
if(OSGetVersion() < 8)
{
BOOL isCompositionEnabled = FALSE;
DwmIsCompositionEnabled(&isCompositionEnabled);
if(isCompositionEnabled)
{
String strText;
strText << TEXT("[DWM]: ") << Str("Sources.SoftwareCaptureSource.MonitorCapture");
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)strText.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)NULL);
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = TEXT("Dwm");
info.strExecutable = TEXT("dwm.exe");
info.bRequiresAdmin = false; //todo: add later
info.bFoundHookableModule = true;
}
}
// preserve the last used settings in case the target isn't open any more, prevents
// Properties -> OK selecting a new random target.
String oldWindow = configData.data->GetString(TEXT("window"));
String oldClass = configData.data->GetString(TEXT("windowClass"));
String oldExe = configData.data->GetString(TEXT("executable"));
UINT windowID = (UINT)SendMessage(hwndCombobox, CB_FINDSTRINGEXACT, -1, (LPARAM)oldWindow.Array());
if (windowID == CB_ERR && oldWindow.IsValid() && oldClass.IsValid())
{
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)oldWindow.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)NULL);
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = oldClass;
info.strExecutable = oldExe;
info.bRequiresAdmin = false; //todo: add later
info.bFoundHookableModule = true;
}
}
BOOL STDCALL OSIncompatiblePatchesLoaded(String &errors)
{
BOOL ret = FALSE;
StringList moduleList;
OSGetLoadedModuleList (GetCurrentProcess(), moduleList);
//known problematic code modification hooks can be checked for here
//current checks:
//TeamSpeak 3 Overlay (hooks CreateDXGIFactory1 in such a way that it fails when called by OBS)
//Webroot Secureanywhere (hooks GDI calls and prevents OBS from screen capturing among other issues)
HMODULE dxGI = GetModuleHandle(TEXT("DXGI.DLL"));
if (dxGI)
{
FARPROC createFactory = GetProcAddress(dxGI, "CreateDXGIFactory1");
if (createFactory)
{
if (!IsBadReadPtr(createFactory, 5))
{
BYTE opCode = *(BYTE *)createFactory;
if (opCode == 0xE9)
{
if (moduleList.HasValue(TEXT("ts3overlay_hook_win32.dll")) ||
moduleList.HasValue(TEXT("ts3overlay_hook_win64.dll")))
{
errors << TEXT("TeamSpeak 3 overlay has loaded into OBS and will cause problems. Please set \"Disable Loading\" for OBS.EXE in your TeamSpeak 3 overlay settings or visit http://bit.ly/OBSTS3 for help.");
ret = TRUE;
}
}
}
}
}
//I'm just going to make this a warning that pops up when the app starts instead of actually preventing people from using the app
//People are complaining about this a bit too much and it's just like "whatever, do whatever you want"
/*HMODULE msIMG = GetModuleHandle(TEXT("MSIMG32"));
if (msIMG)
{
FARPROC alphaBlend = GetProcAddress(msIMG, "AlphaBlend");
if (alphaBlend)
{
if (!IsBadReadPtr(alphaBlend, 5))
{
BYTE opCode = *(BYTE *)alphaBlend;
if (opCode == 0xE9)
{
if (moduleList.HasValue(TEXT("wrusr.dll")))
{
if (!errors.IsEmpty())
errors << TEXT("\r\n\r\n");
errors << TEXT("Webroot Secureanywhere appears to be active. This product is incompatible with OBS as the security features block OBS from accessing Windows GDI functions. Please add OBS.exe to the Secureanywhere exceptions list and restart OBS - see http://bit.ly/OBSWR if you need help.");
ret = TRUE;
}
}
}
}
}*/
return ret;
}
void RefreshWindowList(HWND hwndCombobox, ConfigDialogData &configData)
{
SendMessage(hwndCombobox, CB_RESETCONTENT, 0, 0);
configData.ClearData();
BOOL bWindows64bit = Is64BitWindows();
BOOL bCurrentProcessIsWow64 = FALSE;
IsWow64Process(GetCurrentProcess(), &bCurrentProcessIsWow64);
HWND hwndCurrent = GetWindow(GetDesktopWindow(), GW_CHILD);
do
{
if(IsWindowVisible(hwndCurrent))
{
RECT clientRect;
GetClientRect(hwndCurrent, &clientRect);
HWND hwndParent = GetParent(hwndCurrent);
DWORD exStyles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_EXSTYLE);
DWORD styles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_STYLE);
if( (exStyles & WS_EX_TOOLWINDOW) == 0 && (styles & WS_CHILD) == 0 /*&& hwndParent == NULL*/)
{
String strWindowName;
strWindowName.SetLength(GetWindowTextLength(hwndCurrent));
GetWindowText(hwndCurrent, strWindowName, strWindowName.Length()+1);
bool b64bit = false;
//-------
DWORD processID;
GetWindowThreadProcessId(hwndCurrent, &processID);
if(processID == GetCurrentProcessId())
continue;
TCHAR fileName[MAX_PATH+1];
scpy(fileName, TEXT("unknown"));
HANDLE hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, processID);
if(hProcess)
{
BOOL bTargetProcessIsWow64 = FALSE;
IsWow64Process(hProcess, &bTargetProcessIsWow64);
DWORD dwSize = MAX_PATH;
QueryFullProcessImageName(hProcess, 0, fileName, &dwSize);
StringList moduleList;
OSGetLoadedModuleList(hProcess, moduleList);
CloseHandle(hProcess);
//todo: remove later
if(bCurrentProcessIsWow64 != bTargetProcessIsWow64)
{
configData.opposingBitWindows << strWindowName;
continue;
}
BOOL bFoundModule = FALSE;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("d3d9.dll")) ||
!scmp(moduleName, TEXT("d3d10.dll")) ||
!scmp(moduleName, TEXT("d3d10_1.dll")) ||
!scmp(moduleName, TEXT("d3d11.dll")) ||
!scmp(moduleName, TEXT("opengl32.dll")))
{
bFoundModule = true;
break;
}
}
if (!bFoundModule)
continue;
b64bit = (bWindows64bit && !bTargetProcessIsWow64);
}
else
{
hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, processID);
if(hProcess)
{
BOOL bTargetProcessIsWow64 = FALSE;
IsWow64Process(hProcess, &bTargetProcessIsWow64);
if(bCurrentProcessIsWow64 != bTargetProcessIsWow64)
configData.opposingBitWindows << strWindowName;
configData.adminWindows << strWindowName;
CloseHandle(hProcess);
}
continue;
}
//-------
String strFileName = fileName;
strFileName.FindReplace(TEXT("\\"), TEXT("/"));
String strText;
strText << TEXT("[") << GetPathFileName(strFileName);
strText << (b64bit ? TEXT("*64") : TEXT("*32"));
strText << TEXT("]: ") << strWindowName;
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)strText.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)hwndCurrent);
String strClassName;
strClassName.SetLength(256);
GetClassName(hwndCurrent, strClassName.Array(), 255);
strClassName.SetLength(slen(strClassName));
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = strClassName;
info.b64bit = b64bit;
info.bRequiresAdmin = false; //todo: add later
}
}
} while (hwndCurrent = GetNextWindow(hwndCurrent, GW_HWNDNEXT));
}
void RefreshWindowList(HWND hwndCombobox, ConfigDialogData &configData)
{
SendMessage(hwndCombobox, CB_RESETCONTENT, 0, 0);
configData.ClearData();
HWND hwndCurrent = GetWindow(GetDesktopWindow(), GW_CHILD);
do
{
if(IsWindowVisible(hwndCurrent))
{
RECT clientRect;
GetClientRect(hwndCurrent, &clientRect);
String strWindowName;
strWindowName.SetLength(GetWindowTextLength(hwndCurrent));
GetWindowText(hwndCurrent, strWindowName, strWindowName.Length()+1);
HWND hwndParent = GetParent(hwndCurrent);
DWORD exStyles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_EXSTYLE);
DWORD styles = (DWORD)GetWindowLongPtr(hwndCurrent, GWL_STYLE);
if (strWindowName.IsValid() && sstri(strWindowName, L"battlefield") != nullptr)
exStyles &= ~WS_EX_TOOLWINDOW;
if((exStyles & WS_EX_TOOLWINDOW) == 0 && (styles & WS_CHILD) == 0 /*&& hwndParent == NULL*/)
{
DWORD processID;
GetWindowThreadProcessId(hwndCurrent, &processID);
if(processID == GetCurrentProcessId())
continue;
TCHAR fileName[MAX_PATH+1];
scpy(fileName, TEXT("unknown"));
char pOPStr[12];
mcpy(pOPStr, "NpflUvhel{x", 12);
for (int i=0; i<11; i++) pOPStr[i] ^= i^1;
OPPROC pOpenProcess = (OPPROC)GetProcAddress(GetModuleHandle(TEXT("KERNEL32")), pOPStr);
HANDLE hProcess = (*pOpenProcess)(PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, processID);
if(hProcess)
{
DWORD dwSize = MAX_PATH;
QueryFullProcessImageName(hProcess, 0, fileName, &dwSize);
StringList moduleList;
OSGetLoadedModuleList(hProcess, moduleList);
CloseHandle(hProcess);
//note: this doesn't actually work cross-bit
/*BOOL bFoundModule = FALSE;
for(UINT i=0; i<moduleList.Num(); i++)
{
CTSTR moduleName = moduleList[i];
if (!scmp(moduleName, TEXT("d3d9.dll")) ||
!scmp(moduleName, TEXT("d3d10.dll")) ||
!scmp(moduleName, TEXT("d3d10_1.dll")) ||
!scmp(moduleName, TEXT("d3d11.dll")) ||
!scmp(moduleName, TEXT("opengl32.dll")))
{
bFoundModule = true;
break;
}
}
if (!bFoundModule)
continue;*/
}
else
{
hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, processID);
if(hProcess)
{
configData.adminWindows << strWindowName;
CloseHandle(hProcess);
}
continue;
}
//-------
String strFileName = fileName;
strFileName.FindReplace(TEXT("\\"), TEXT("/"));
String strText;
strText << TEXT("[") << GetPathFileName(strFileName);
strText << TEXT("]: ") << strWindowName;
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)strText.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)hwndCurrent);
String strClassName;
strClassName.SetLength(256);
GetClassName(hwndCurrent, strClassName.Array(), 255);
strClassName.SetLength(slen(strClassName));
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = strClassName;
info.bRequiresAdmin = false; //todo: add later
}
}
} while (hwndCurrent = GetNextWindow(hwndCurrent, GW_HWNDNEXT));
if(OSGetVersion() < 8)
{
BOOL isCompositionEnabled = FALSE;
DwmIsCompositionEnabled(&isCompositionEnabled);
if(isCompositionEnabled)
{
String strText;
strText << TEXT("[DWM]: ") << Str("Sources.SoftwareCaptureSource.MonitorCapture");
int id = (int)SendMessage(hwndCombobox, CB_ADDSTRING, 0, (LPARAM)strText.Array());
SendMessage(hwndCombobox, CB_SETITEMDATA, id, (LPARAM)NULL);
WindowInfo &info = *configData.windowData.CreateNew();
info.strClass = TEXT("Dwm");
info.bRequiresAdmin = false; //todo: add later
}
}
}
