a quick interpretation of the results: the "Windows Crypt*" signatures are referred to GameGuard so they can be ignored. seed_ss instead is a korean type of encryption (the game is korean too as far as I know) http://tools.ietf.org/rfc/rfc4269.txt for the rest the only important fields are...

the pk3 files of quakelive are simply xored with a big fixed sequence of bytes:
http://aluigi.org/papers.htm#q3

@shekofte:
virtualbox is free, very complete and continuosly updated: http://www.virtualbox.org

@asmxtx/shekofte:
that graph has a sense only for executables which use special encryptions and anti-debugging techniques

a lot of time ago I wrote an extractor for the archives used by 49games. it uses a compression that I wasn't able to identify at that time and due to the lack of interest I simply ripped the function which did the job. if you are interested to try it you can get it from: http://aluigi.org/papers/49g...

I have guessed some parts of the file so I have written a simple extractor which I have attached. in all the 3 files you attached the audio is pcm at 11025hz, 1 chan, 8 bits so I don't know if in the other files it can change. then the files seem to contain something like various blocks of alternate...

take a hex editor and substituite the first 16 bytes with the following: it will be decrypted BUT I think that the encryption key is changed from the original one of Lineage 2 so this is useless.

the decompilers can help a lot although don't expect to see the original code ready to use. in general for the executables there are commercial solutions like hex ray or the free, and very good since I have used and still use it, REC: http://www.backerstreet.com/rec/rec.htm there is also Boomerang (...

just for reference in case someone else was interested, the tool for decrypting uodemo.dat is http://aluigi.org/papers/uodemoext.zip now about the m scripts. I have rechecked the executable and I see no traces of encryption or compression, just because there are no functions which perform an input->...

if you refer to having an initial idea of what known algorithms could have been used in a program, personally I wrote and use a tool for this job: http://aluigi.org/mytoolz.htm#signsrch the disassembling/debugging job becomes more simple when you already know what algorithms are used and in what loc...

eh eh eh unfortunately I simply looked at the memory of RPGViewer with ollydbg :) anyway what amazes me is that a so good program which supports a so big number of games here in occident is totally unknown while (as far as I have seen searching on google some minutes ago) in china it's well known an...

the password of the zip archive used by RPGViewer is 4a3408a275b0343719ae2ab7250a8cab0c03b2178a58f2de
but I have not verified if it's fixed or generated at runtime (lack of interest).

@mambox for activemark encrypted files the only tool which seems to make the job is ActiveMark Decrypt: http://xchg.info/ARTeam/Tutorials/ARTeam_Releases/ but this is not valid in your case because this VNZ/batch file is not an AM one (in fact lacks of the classical signature of this type of file) a...

it's a classical unicode text that can be read using notepad launched through Applocale with the japanese coding (the last that you can choose in "language of the application" of applocale when choosing the program to launch): http://www.microsoft.com/globaldev/tools/apploc.mspx then load ...

for the GCF archives of Steam you need to use GCFScape: http://nemesis.thewavelength.net/index.php?p=25 remember that the games developed by Simbin have encrypted files so if you want to "play" (modding) with the GMT files of the game you need to decrypt them first: http://aluigi.org/paper...

the compression used in "Legend of the Crystal Skull" and probably other titles is the classical LZSS with the input bytes less a counter: compression: - compress with LZSS - for(i = 0; i < out_size; i++) out += i; decompression: - for(i = 0; i < in_size; i++) in -= i; - decompress with LZSS