Conviction_game.exe+15448 - 53                    - push ebx
Conviction_game.exe+15449 - 8B 45 08              - mov eax,[ebp+08]



; crypto
Conviction_game.exe+1544C - 8A 1C 17              - mov bl,[edi+edx]
Conviction_game.exe+1544F - 03 C6                 - add eax,esi
Conviction_game.exe+15451 - 30 18                 - xor [eax],bl
Conviction_game.exe+15453 - 8D 42 01              - lea eax,[edx+01]
Conviction_game.exe+15456 - 99                    - cdq 
Conviction_game.exe+15457 - F7 F9                 - idiv ecx
Conviction_game.exe+15459 - 46                    - inc esi
Conviction_game.exe+1545A - 3B 75 0C              - cmp esi,[ebp+0C]
Conviction_game.exe+1545D - 7C EA                 - jnge Conviction_game.exe+15449



Conviction_game.exe+1545F - 5B                    - pop ebx
Conviction_game.exe+15460 - 8D 4D EC              - lea ecx,[ebp-14]
Conviction_game.exe+15463 - E8 C56FFFFF           - call Conviction_game.exe+C42D



<<=====================


; profile.sav

Conviction_game.exe+154A6 - BE D4621D01           - mov esi,Conviction_game.exe+DD62D4
Conviction_game.exe+154AB - 68 78BDF300           - push Conviction_game.exe+B3BD78
Conviction_game.exe+154B0 - 68 64C2F300           - push Conviction_game.exe+B3C264
Conviction_game.exe+154B5 - 56                    - push esi
Conviction_game.exe+154B6 - 68 5CC2F300           - push Conviction_game.exe+B3C25C
Conviction_game.exe+154BB - E8 B1EBFFFF           - call Conviction_game.exe+14071

..
..



Conviction_game.exe+15536 - 56                    - push esi
Conviction_game.exe+15537 - 57                    - push edi
Conviction_game.exe+15538 - 50                    - push eax
Conviction_game.exe+15539 - B9 182F4A01           - mov ecx,Conviction_game.exe+10A2F18
Conviction_game.exe+1553E - E8 325AFFFF           - call Conviction_game.exe+AF75



; decrypt save
Conviction_game.exe+15543 - 50                    - push eax
Conviction_game.exe+15544 - 57                    - push edi
Conviction_game.exe+15545 - 89 45 64              - mov [ebp+64],eax
Conviction_game.exe+15548 - E8 AFFEFFFF           - call Conviction_game.exe+153FC
Conviction_game.exe+1554D - BE 00001000           - mov esi,00100000





; zlib check


Conviction_game.exe+56C15 - 59                    - pop ecx
Conviction_game.exe+56C16 - 8B 44 24 0C           - mov eax,[esp+0C]
Conviction_game.exe+56C1A - 89 06                 - mov [esi],eax
Conviction_game.exe+56C1C - 8B 44 24 10           - mov eax,[esp+10]
Conviction_game.exe+56C20 - 89 46 04              - mov [esi+04],eax
Conviction_game.exe+56C23 - 8B 44 24 14           - mov eax,[esp+14]
Conviction_game.exe+56C27 - 89 46 0C              - mov [esi+0C],eax
Conviction_game.exe+56C2A - 8B 44 24 18           - mov eax,[esp+18]
Conviction_game.exe+56C2E - 6A 04                 - push 04
Conviction_game.exe+56C30 - 56                    - push esi
Conviction_game.exe+56C31 - 89 46 10              - mov [esi+10],eax
Conviction_game.exe+56C34 - E8 477E8100           - call Conviction_game.exe+86EA80
Conviction_game.exe+56C39 - 59                    - pop ecx



Conviction_game.exe+15563 - E8 2A180400           - call Conviction_game.exe+56D92
Conviction_game.exe+15568 - 56                    - push esi
Conviction_game.exe+15569 - FF 75 60              - push [ebp+60]
Conviction_game.exe+1556C - 8D 4D 2C              - lea ecx,[ebp+2C]
Conviction_game.exe+1556F - FF 75 64              - push [ebp+64]
Conviction_game.exe+15572 - 57                    - push edi
Conviction_game.exe+15573 - E8 8A160400           - call Conviction_game.exe+56C02
Conviction_game.exe+15578 - 85 C0                 - test eax,eax






; edi = zlib data

Conviction_game.exe+1559D - 57                    - push edi
Conviction_game.exe+1559E - E8 FAD50200           - call Conviction_game.exe+42B9D



Conviction_game.exe+155A3 - 81 7D 58 48010000     - cmp [ebp+58],00000148
Conviction_game.exe+155AA - 59                    - pop ecx
Conviction_game.exe+155AB - 0F82 F0000000         - jb Conviction_game.exe+156A1
Conviction_game.exe+155B1 - 8B 75 60              - mov esi,[ebp+60]
Conviction_game.exe+155B4 - 8B 7D 5C              - mov edi,[ebp+5C]
Conviction_game.exe+155B7 - 8B 45 5C              - mov eax,[ebp+5C]
Conviction_game.exe+155BA - 6A 52                 - push 52
Conviction_game.exe+155BC - 59                    - pop ecx


; copy decrypt data - header part only  (150h bytes)
Conviction_game.exe+155BD - F3 A5                 - repe movsd 


Conviction_game.exe+155BF - 8A 00                 - mov al,[eax]
Conviction_game.exe+155C1 - 8B 75 3C              - mov esi,[ebp+3C]
Conviction_game.exe+155C4 - 8B 7D 60              - mov edi,[ebp+60]
Conviction_game.exe+155C7 - 88 45 64              - mov [ebp+64],al





Conviction_game.exe+9B852D - 75 15                 - jne Conviction_game.exe+9B8544
Conviction_game.exe+9B852F - C1 E9 02              - shr ecx,02
Conviction_game.exe+9B8532 - 83 E2 03              - and edx,03
Conviction_game.exe+9B8535 - 83 F9 08              - cmp ecx,08
Conviction_game.exe+9B8538 - 72 2A                 - jb Conviction_game.exe+9B8564

; data copy 2
Conviction_game.exe+9B853A - F3 A5                 - repe movsd 
Conviction_game.exe+9B853C - FF 24 95 5486DB00     - jmp dword ptr [edx*4+Conviction_game.exe+9B8654]





???
Conviction_game.exe+A98863 - 8B F3                 - mov esi,ebx
Conviction_game.exe+A98865 - 56                    - push esi
Conviction_game.exe+A98866 - 57                    - push edi
Conviction_game.exe+A98867 - 50                    - push eax
Conviction_game.exe+A98868 - E8 73FCF1FF           - call Conviction_game.exe+9B84E0
Conviction_game.exe+A9886D - 83 C4 0C              - add esp,0C
Conviction_game.exe+A98870 - 55                    - push ebp
Conviction_game.exe+A98871 - 8B C7                 - mov eax,edi
Conviction_game.exe+A98873 - E8 A8F3FFFF           - call Conviction_game.exe+A97C20
Conviction_game.exe+A98878 - 8B 44 24 0C           - mov eax,[esp+0C]
Conviction_game.exe+A9887C - 5E                    - pop esi
Conviction_game.exe+A9887D - 5D                    - pop ebp
Conviction_game.exe+A9887E - C2 0800               - ret 0008


<<===


; eax = save data decrypt??
Conviction_game.exe+A9890B - 8D 45 2C              - lea eax,[ebp+2C]
Conviction_game.exe+A9890E - 50                    - push eax
Conviction_game.exe+A9890F - 55                    - push ebp
Conviction_game.exe+A98910 - E8 FBFEFFFF           - call Conviction_game.exe+A98810


; ret
Conviction_game.exe+A98915 - 85 F6                 - test esi,esi
Conviction_game.exe+A98917 - 8B D8                 - mov ebx,eax
Conviction_game.exe+A98919 - 74 07                 - je Conviction_game.exe+A98922
Conviction_game.exe+A9891B - 8B FE                 - mov edi,esi
Conviction_game.exe+A9891D - E8 2E050000           - call Conviction_game.exe+A98E50
Conviction_game.exe+A98922 - 5E                    - pop esi
Conviction_game.exe+A98923 - 5F                    - pop edi
Conviction_game.exe+A98924 - 5D                    - pop ebp
Conviction_game.exe+A98925 - 8B C3                 - mov eax,ebx
Conviction_game.exe+A98927 - 5B                    - pop ebx
Conviction_game.exe+A98928 - C2 0400               - ret 0004



<<=================


Conviction_game.exe+64350 - 56                    - push esi
Conviction_game.exe+64351 - 8D 71 04              - lea esi,[ecx+04]
Conviction_game.exe+64354 - 56                    - push esi
Conviction_game.exe+64355 - FF 15 0492F200        - call dword ptr [Conviction_game.exe+B29204]

; ret, eax = save data
Conviction_game.exe+6435B - 57                    - push edi
Conviction_game.exe+6435C - 57                    - push edi
Conviction_game.exe+6435D - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+64360 - FF 75 08              - push [ebp+08]
Conviction_game.exe+64363 - E8 17FFFFFF           - call Conviction_game.exe+6427F


<<=================


Conviction_game.exe+42D57 - FF 75 20              - push [ebp+20]
Conviction_game.exe+42D5A - 8B 45 14              - mov eax,[ebp+14]
Conviction_game.exe+42D5D - FF 75 1C              - push [ebp+1C]
Conviction_game.exe+42D60 - 8B 0C 85 F81F3A01     - mov ecx,[eax*4+Conviction_game.exe+FA1FF8]
Conviction_game.exe+42D67 - 8B 11                 - mov edx,[ecx]
Conviction_game.exe+42D69 - 50                    - push eax
Conviction_game.exe+42D6A - FF 75 10              - push [ebp+10]
Conviction_game.exe+42D6D - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+42D70 - 53                    - push ebx
Conviction_game.exe+42D71 - FF 52 04              - call dword ptr [edx+04]


; ret, eax = save ptr
Conviction_game.exe+42D74 - 8B F0                 - mov esi,eax
Conviction_game.exe+42D76 - E8 15E9FBFF           - call Conviction_game.exe+1690
Conviction_game.exe+42D7B - 8B 08                 - mov ecx,[eax]
Conviction_game.exe+42D7D - 8B 01                 - mov eax,[ecx]



<<===========================


Conviction_game.exe+E5E5F - 56                    - push esi
Conviction_game.exe+E5E60 - 6A 04                 - push 04
Conviction_game.exe+E5E62 - 6A 01                 - push 01
Conviction_game.exe+E5E64 - 8B F1                 - mov esi,ecx
Conviction_game.exe+E5E66 - E8 EF5BF2FF           - call Conviction_game.exe+BA5A


; ret
Conviction_game.exe+E5E6B - 8B 54 24 08           - mov edx,[esp+08]






#2

Conviction_game.exe+A98861 - 72 02                 - jb Conviction_game.exe+A98865
Conviction_game.exe+A98863 - 8B F3                 - mov esi,ebx
Conviction_game.exe+A98865 - 56                    - push esi
Conviction_game.exe+A98866 - 57                    - push edi
Conviction_game.exe+A98867 - 50                    - push eax
Conviction_game.exe+A98868 - E8 73FCF1FF           - call Conviction_game.exe+9B84E0


; ret, eax = ptr
Conviction_game.exe+A9886D - 83 C4 0C              - add esp,0C



Conviction_game.exe+6435B - 57                    - push edi
Conviction_game.exe+6435C - 57                    - push edi
Conviction_game.exe+6435D - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+64360 - FF 75 08              - push [ebp+08]
Conviction_game.exe+64363 - E8 17FFFFFF           - call Conviction_game.exe+6427F
Conviction_game.exe+64368 - 83 C4 10              - add esp,10


Conviction_game.exe+42D5D - FF 75 1C              - push [ebp+1C]
Conviction_game.exe+42D60 - 8B 0C 85 F81F3A01     - mov ecx,[eax*4+Conviction_game.exe+FA1FF8]
Conviction_game.exe+42D67 - 8B 11                 - mov edx,[ecx]
Conviction_game.exe+42D69 - 50                    - push eax
Conviction_game.exe+42D6A - FF 75 10              - push [ebp+10]
Conviction_game.exe+42D6D - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+42D70 - 53                    - push ebx
Conviction_game.exe+42D71 - FF 52 04              - call dword ptr [edx+04]
Conviction_game.exe+42D74 - 8B F0                 - mov esi,eax




Conviction_game.exe+BB9F - FF 52 04              - call dword ptr [edx+04]


; ret, eax = save ptr
Conviction_game.exe+BBA2 - 89 06                 - mov [esi],eax
Conviction_game.exe+BBA4 - 5F                    - pop edi
Conviction_game.exe+BBA5 - 5E                    - pop esi
Conviction_game.exe+BBA6 - C2 0400               - ret 0004




Conviction_game.exe+E5E5F - 56                    - push esi
Conviction_game.exe+E5E60 - 6A 04                 - push 04
Conviction_game.exe+E5E62 - 6A 01                 - push 01
Conviction_game.exe+E5E64 - 8B F1                 - mov esi,ecx
Conviction_game.exe+E5E66 - E8 EF5BF2FF           - call Conviction_game.exe+BA5A
Conviction_game.exe+E5E6B - 8B 54 24 08           - mov edx,[esp+08]







#3
Conviction_game.exe+781DA1 - 8B F9                 - mov edi,ecx
Conviction_game.exe+781DA3 - 8B EB                 - mov ebp,ebx
Conviction_game.exe+781DA5 - 8B 96 14020000        - mov edx,[esi+00000214]
Conviction_game.exe+781DAB - 8B 44 24 14           - mov eax,[esp+14]
Conviction_game.exe+781DAF - 57                    - push edi
Conviction_game.exe+781DB0 - 52                    - push edx
Conviction_game.exe+781DB1 - 50                    - push eax
Conviction_game.exe+781DB2 - E8 69FB0500           - call Conviction_game.exe+7E1920
Conviction_game.exe+781DB7 - 83 C4 0C              - add esp,0C





#4
Conviction_game.exe+15649 - 50                    - push eax
Conviction_game.exe+1564A - FF 75 54              - push [ebp+54]
Conviction_game.exe+1564D - 8B CE                 - mov ecx,esi
Conviction_game.exe+1564F - E8 87BF3700           - call Conviction_game.exe+3915DB


; ret, ecx = ptr
Conviction_game.exe+15654 - 50                    - push eax
Conviction_game.exe+15655 - 8B CE                 - mov ecx,esi
Conviction_game.exe+15657 - FF 97 D8010000        - call dword ptr [edi+000001D8]
Conviction_game.exe+1565D - 8B 03                 - mov eax,[ebx]



<==


Conviction_game.exe+15283 - 8B 07                 - mov eax,[edi]
Conviction_game.exe+15285 - 8D 4D BC              - lea ecx,[ebp-44]
Conviction_game.exe+15288 - 51                    - push ecx
Conviction_game.exe+15289 - 8D 4D 94              - lea ecx,[ebp-6C]
Conviction_game.exe+1528C - 51                    - push ecx
Conviction_game.exe+1528D - FF B5 10010000        - push [ebp+00000110]
Conviction_game.exe+15293 - 8B CF                 - mov ecx,edi
Conviction_game.exe+15295 - FF 90 8C000000        - call dword ptr [eax+0000008C]


; ret
Conviction_game.exe+1529B - 8D 4D 94              - lea ecx,[ebp-6C]



<==


Conviction_game.exe+1505C - FF 50 78              - call dword ptr [eax+78]
Conviction_game.exe+1505F - 85 C0                 - test eax,eax
Conviction_game.exe+15061 - 74 0F                 - je Conviction_game.exe+15072
Conviction_game.exe+15063 - 8B 06                 - mov eax,[esi]
Conviction_game.exe+15065 - 57                    - push edi
Conviction_game.exe+15066 - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+15069 - 8B CE                 - mov ecx,esi
Conviction_game.exe+1506B - FF 50 7C              - call dword ptr [eax+7C]


; ret
Conviction_game.exe+1506E - 85 C0                 - test eax,eax



??
Conviction_game.exe+15085 - 8B 16                 - mov edx,[esi]
Conviction_game.exe+15087 - 83 C0 14              - add eax,14
Conviction_game.exe+1508A - 50                    - push eax
Conviction_game.exe+1508B - 57                    - push edi
Conviction_game.exe+1508C - FF 75 0C              - push [ebp+0C]
Conviction_game.exe+1508F - 8B CE                 - mov ecx,esi
Conviction_game.exe+15091 - FF 92 8C000000        - call dword ptr [edx+0000008C]
Conviction_game.exe+15097 - E8 D3F33700           - call Conviction_game.exe+39446F
Conviction_game.exe+1509C - 6A 00                 - push 00








Conviction_game.exe+EC832 - 8B 07                 - mov eax,[edi]
Conviction_game.exe+EC834 - 6A 04                 - push 04
Conviction_game.exe+EC836 - 8D 4E 5C              - lea ecx,[esi+5C]
Conviction_game.exe+EC839 - 51                    - push ecx
Conviction_game.exe+EC83A - 8B CF                 - mov ecx,edi
Conviction_game.exe+EC83C - FF 50 08              - call dword ptr [eax+08]


; ret - check here, esi
Conviction_game.exe+EC83F - 8B 07                 - mov eax,[edi]


Conviction_game.exe+EC852 - 8A 45 EB              - mov al,[ebp-15]
Conviction_game.exe+EC855 - 0FB6 C8               - movzx ecx,al
Conviction_game.exe+EC858 - 22 CB                 - and cl,bl
Conviction_game.exe+EC85A - 32 D2                 - xor dl,dl
Conviction_game.exe+EC85C - 3A D1                 - cmp dl,cl
Conviction_game.exe+EC85E - 57                    - push edi
Conviction_game.exe+EC85F - 1B C9                 - sbb ecx,ecx
Conviction_game.exe+EC861 - F7 D9                 - neg ecx
Conviction_game.exe+EC863 - 24 02                 - and al,02
Conviction_game.exe+EC865 - 23 CB                 - and ecx,ebx
Conviction_game.exe+EC867 - C1 E1 02              - shl ecx,02
Conviction_game.exe+EC86A - 3A D0                 - cmp dl,al
Conviction_game.exe+EC86C - 1B C0                 - sbb eax,eax
Conviction_game.exe+EC86E - F7 D8                 - neg eax
Conviction_game.exe+EC870 - 23 C3                 - and eax,ebx
Conviction_game.exe+EC872 - 0B C8                 - or ecx,eax


; write dops flags
Conviction_game.exe+EC874 - 8B 46 7C              - mov eax,[esi+7C]
Conviction_game.exe+EC877 - 03 C9                 - add ecx,ecx
Conviction_game.exe+EC879 - 83 E0 F5              - and eax,-0B
Conviction_game.exe+EC87C - 0B C8                 - or ecx,eax
Conviction_game.exe+EC87E - 89 4E 7C              - mov [esi+7C],ecx



Conviction_game.exe+EC881 - 8B 4E 44              - mov ecx,[esi+44]
Conviction_game.exe+EC884 - E8 FE410000           - call Conviction_game.exe+F0A87
