Might as well bump this with some more info so people can reapply this fix to future versions more easily.
The first fix is to make sure all kinds of drives are checked for the needed files.
Code:
.00416BBA: FF15F4E07300 call GetDriveTypeA
.00416BC0: 83F805 cmp eax,005
.00416BC3: 7529 jne .000416BEE
.00416BC5: 57 push edi
(.. and again at ..)
.00416D30: FF15F4E07300 call GetDriveTypeA
.00416D36: 83F805 cmp eax,005
.00416D39: 7525 jne .000416D60 --
.00416D3B: 57 push edi
We simply nop (90 hex) the jne instructions to let the test fall through.
What they're trying to do is to locate the file "AutoRunMorrowind.exe" in the root of a CD-ROM (type 5) and then try to read the Videos off that drive, but we'll change that to instead scan for the file Morrowind.exe in the current directory. Once we'd patched the code to not care about the media type (see above), we'll have to look for the string "%sAutoRunMorrowind.exe",0 and replace that with ".\Morrowind.exe",0
The only problem after that is the loading of the movies. To fix this we first patch the string "%c:\Video\%s",0 to ".\Video\%s",0
The last thing to deal with is the expansion the string. Since we've in effect removed the first parameter to be expanded ("%c") we'll have to patch the code to send in the pointer to "%s" first instead.
We do that here:
Code:
.0042458E: 0FBEC0 movsx eax,al
.00424591: 55 push ebp
.00424592: 50 push eax
.00424593: 686CF87600 push 00076F86C
.00424598: 57 push edi
.00424599: FF1574E27300 call sprintf
Where we patch the "push eax" to instead push ebp again (opcode 55).
Done. Works for me. All this must be done after the executable is unwrapped, of course, if it happened to be SafeDisc'ed -- but SD often disappears in later patches because of costs and problems so this shouldn't be a problem.