Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Public answer to a private question.

Not open for further replies.
Custom Title Activated
May 26, 2007
Reaction score
My answer to this question will always be the same, so I'll post this and request that nobody ask me again... like ever!
derpa said:
Hi Bobsobol

I use of [highlight]<insert derpy bugged client here>[/highlight] client but it is very big problem because every time in the game... blah blah blah [highlight]<gives away which derpy bugged client>[/highlight]

so it always error message game.dll / game.exe
you help me fix it error...?

[highlight]<insert url to derpy bugged client (thanks for that, at least poster, in other cases that would have been a help many forget)>[/highlight]
link file game.exe but it will remove by avg . antivirus . Trojạn : Agent . But you rest assured it does not affect anything. sure it was a virus when unpack files created

I use OllyDbg could not find a way to fix it. can you guide me?

I spent a lot of effort but can not do anything with it
I hope you help me

Thank you very much.
I'm not touching it because, game.exe is valid because, anti-virus is correct because, it is infected!

Strictly speaking, the reason it produces game.exe (or game.dll) is that the OS (anything >=XP SP2 on CPUs >=P4 / AthelonXP?) will detect that the code is trying to execute from memory locations allocated as read-write. (that's an "illegal operation" BTW, but wasn't caught in earlier OS / CPUs)

This is a technique known as "self-modifying code" and was (and should never now be) commonly used for protection, encryption and compression of executable code but even more commonly used for infection, trojan, data-mining, snooping, key-logging, credit and identity theft and "buffer overrun exploit!" It was secured in the OS (and by non-Windows OS years before XP SP2) for very good reasons.

Additionally, self-modifying code cannot be read by AV scanners, and this is why it was so popular, and why every AV scanner will flag it as infected. (because it is, anything evil enough to not want to allow an AV system to scan it should not be allowed on any system connected to the internet ... and some would say any software which you cannot download unobfuscated source code for shouldn't be allowed on a machine which is attached to the internet ... but I draw the line a "little" further back)

The way to fix your code is remove the security, which is not compatible with any system which is even vaguely safe to allow anywhere near the internet. Players can "disable DEP" in Windows to resolve this, but will be (from my experiments) massively infected within an hour of doing so while an internet connection is available. (probably doesn't apply within "the great firewall of China" ... which, I suspect, inherently contains similar protection for it's citizens, hooray for the PRC (; )

At best, they may set a DEP exclusion for the PT client, provided they firewall it from accessing the internet ... but then they can't log in. :wink: So why bother?

Since protection systems are designed not to be removed, the solution really is not to encrypt / compress / protect it in the first place. (you can't reliably "develop" such protected code anyway) So if you didn't apply the protection which causes this (ie restore the last backup before this error started) then you should throw that code away and start using a base which isn't broken beyond repair. (which is how I consider anything which produces that effect ... with good reason (; )

Yup. As far as I'm concerned, if you didn't cause that error to occur, then you (and certainly I) cannot fix it. Throw it away. It is bhaaaad! M'kay? ;) (don't use drugs, have unprotected sex, take up smoking, go binge drinking or drive while under the influence of alcohol... and never touch self-modifying code :wink:)

Not open for further replies.