View Full Version : Reversing datastructures of running executable


abitofboth
October 3rd, 2010, 08:14
Hi again, I am here to continue my newbieness of reversing.

I have located these data structures in memory, which is all good, but I cannot find a static base pointer to these, which means each time the application is restarted these structures are placed in a slightly different place in memory.
I use L. Spiro's Memory Hacking Software and Olly for my investigations.

(Note: prior exploitations include subverting an online MMO client for fun and profit and implementing a little manual codecave in a poker client, so while not a total-total newbie, still a newbie nonetheless.)

So I use MHS to locate interesting data structures; on top of that I would use MHS again to locate pointers to these structures and again, sometimes, pointers to these pointers, which again is usually a base pointer (static) which I can build my framework around. I am not able to follow my usual approach here.

So I figured, fire up Olly and locate the memory segment in the memory map. Done. Now whatever allocated this memory segment 03310000-00B20000 is of interest, so I do a search for a pointer to 03310000 and come up with three results, results located at 662edba4 etc. etc. Not quite the base address I was hoping for.
I am fumbling in the dark here, any advice for direction please?

disavowed
October 3rd, 2010, 08:29
I'd recommend writing an OllyScript to hook VirtualAlloc and dump the stack-trace every time VirtualAlloc is called. Then you can compare what you know to be in memory with that stack-trace log and see where VirtualAlloc was called from to allocate your data structure of interest.
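
Once such a trace log exists, the comparison step suggested above can be automated. This is an added example, not part of the original thread: the log line format, module names and all addresses other than the 03310000 base are constructed, and frames are assumed to be listed innermost first.

```python
import re

# Constructed sample log; the line format is an assumption, not real OllyScript output.
SAMPLE_LOG = """\
VirtualAlloc ret=00000000 size=00001000 stack=7C809AF1,00401A2C
VirtualAlloc ret=01F40000 size=00010000 stack=7C809AF1,10003C55,00402B10
VirtualAlloc ret=03310000 size=00810000 stack=7C809AF1,10004D21,00401F77
"""
# Constructed module map for this run: name -> (base, size).
SAMPLE_MODULES = {
    "kernel32.dll": (0x7C800000, 0x000F6000),
    "engine.dll": (0x10000000, 0x00040000),
    "app.exe": (0x00400000, 0x00020000),
}
SYSTEM_MODULES = {"kernel32.dll", "ntdll.dll"}

LINE_RE = re.compile(
    r"VirtualAlloc ret=([0-9A-Fa-f]+) size=([0-9A-Fa-f]+) stack=([0-9A-Fa-f,]+)")

def parse_log(text):
    """Return (base, size, [return addresses]) for each successful call."""
    records = []
    for m in LINE_RE.finditer(text):
        base, size = int(m.group(1), 16), int(m.group(2), 16)
        if base == 0:  # VirtualAlloc returned NULL: nothing was allocated
            continue
        frames = [int(f, 16) for f in m.group(3).split(",") if f]
        records.append((base, size, frames))
    return records

def resolve(addr, modules):
    """Express addr as (module, offset) so it survives the module being rebased."""
    for name, (base, size) in modules.items():
        if base <= addr < base + size:
            return name, addr - base
    return None, addr

def allocation_site(text, modules, target):
    """Find the latest allocation covering target and its first non-system caller."""
    for base, size, frames in reversed(parse_log(text)):
        if base <= target < base + size:
            result = {"base": base, "offset": target - base, "caller": None}
            for frame in frames:
                name, off = resolve(frame, modules)
                if name and name not in SYSTEM_MODULES:
                    result["caller"] = f"{name}+0x{off:X}"
                    break
            return result
    return None
```

The `caller` value is a module-relative offset, so it stays the same across restarts even though the allocated block moves; `offset` is where the structure sits inside that block.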

abitofboth
October 3rd, 2010, 10:13
Interesting, thanks, never 'scripted' Olly before but I'm sure it will be a handy skill in future endeavours as well... let the learning commence.