I tried to patch a CD protection and it works pretty well.But i can't
Make it a Permanent One with 'Hiew'.The techniques described in this post is also not helping me very much.
I doubt the patch i had made in memory was on a DLL?!!!
How i could kow that while tracing Soft Ice traces on My Target EXE
it self (By seeing the name in Bottom right Corner Right.)
If i am wrong please tell me more about it
Thanx in Advance

Try to rephrase your questions, and what you have tried in a list of short sentences. I can only glimpse what your problems are.

Well.I patched on an Offset 6b809264.But it is not found on 'HIEW".
So i thought the patched code would be a DLL, where i can run the program. But after re-starting i can't Run it...

That is why i could n't find that address in HIEW.

my question was how to find out that we are still working on that target EXE, not a dll outside the code.

Try to look at your target in any petool like procdump or lordpe. Choose your target from a list of processes and examine what dll's it uses. Also you'll see there base addresses of each dll. If the address is close to your patched offset you can treat it as dll you that need, i.e. 6b800000 or 6b700000 base address would satisfy your search. Than simply patch that dll

The other way to make loader for your target that will patch your app not permanently (only in memory). I'd suggest to use R!SC's PROCESS PATCHER. It's a bit old, but I like it very much.



About your question. You can simply calculate range of the addresses of your exe. Use any peeditor.