  #7  
06-05-2004, 02:18
Morglum007
Well, I think I should not guard my info, so bytemare and anyone who tries SF3 should know that.

1.- Finding the correct IT and fixing the muted one is not a problem. Just reallocate the RVAs of the .dll that SF uses, and then, with ImpREC you can easily find them. Then, finding the OEP is not a problem, just search for GetVersion, and voilà......

2.- The problem with SF is that now, not only the CD check or the key are managed by the VM, like in the SF1 & 2 versions. Now the VM manages a lot of the original executable and there is a lot of code that must be generated.
The opcode table in the .text part of any executable shows how many opcodes are called and "muted". You should "translate" such a table.

3.- In order to translate such a table, most scene members do that by comparing, well, that's horrible!........xDDDDDDDDDDDD.
We did it but it is not a working way. If you want to translate such an opcode that the VM calls, then look into the near .dll that comes with the game. It is different from game to game and here it is.
Problem........that part is heavily encrypted, so we must get around it until we get the API that translates such opcodes.

Well, I think you have a few clues about proceeding.

If that is not correct, then delete the whole post.

Knowledge is for everybody.

Those who do not share anything are not welcome for us.

Good luck!

TIP: I'm not a professional "cracker". I have learned that before managing to get SecuROM or SD..XDDD and I was a complete newbie. Conclusion: everyone could learn if they want. No special mind is required.
__________________
Morglum007 out

Last edited by Morglum007; 06-05-2004 at 02:21.