setting bpx hmemcpy in softice for serial number, breaks each time a character is entered into the box. I have tried to do a search in the register following each break. I can locate the information I type in , but can't see what the program is comparing it to. So I can see the fake serial, but none of the registers seem to hold the real serial. Could the real serial be held in a dll text xtension file? There are a lot of calls to mfc42.dll and text elements in that library.

setting bpx hmemcpy in softice for serial number, breaks each time a character is entered into the box.

That is more the rule than the exception. you should either :
1. Set or activate the BPX hmemcpy AFTER you have entered all the serial digits but BEFORE you click OK.

2. I f you suspect the program is evaluating the serial "on the flight" as you enter it, break with hmemcpy after each character as you have been doing, but once you have written five or 6 digits, enough to form a unique pattern of bytes, try searching for it in the memory when Sice breaks and put a BPR on the area in memory the serial is being stored.

I have tried to do a search in the register following each break. I can locate the information I type in , but can't see what the program is comparing it to. So I can see the fake serial, but none of the registers seem to hold the real serial.

The Real serial may well not be in the registers. they may hold, in a convoluted way, the address for the real serial or the encoded serial.

It is also naive to think the serial most be somewhere in memory and the program is going to compare your fake with the real. There are more secure ways to validate a serial.
The program may encrypt your fake serial and compare it with an "encrypt" form of the real serial, or may perform some arithmetic transformations on the fake serial and then test for conditions that only a valid serial would pass etc, ect, etc.



Could the real serial be held in a dll text xtension file?


Yes, but the real serial may not be held anywhere...


There are a lot of calls to mfc42.dll and text elements in that library.


mfc42.dll is an operating system library, does not belong to your App. Should not contain any information specific to your target program, less a serial or protection info.

Thanks Bratcher, it was naive to believe that there would be a memory echo of the real serial. I guessed that I would get lucky as the prog also has a reg code and a license code which were echoed in memory. I suppose it just means I should learn a bit more before tackling this program again. As you have suggested, it may be that the real serial is not contained anywhere. Thanks for your time.