|
ok, it turns out that the build of the exe the guy with the unlocked copy was using was newer than the one I was disassembling. And, even though it had the same ActiveMark version (5.14.1210), the "nop call" redirected functions were at a different place in the .bss segment.
Having found them, I am able to decrypt the encrypted data files. (by using said fake system dll on the machine of the person with the working copy)
However, my target wont work because the exe file I am using and the data files I have dont match (it crashes sometime during the loading process). If Nacho_dj could please run http://users.tpgi.com.au/adsloptd/rct3.rar through his magic unpacker, that would be GREAT...
|