here i have a tiny program which only shows a msgbox and exits
the program is packed with armadillo 4.10 with standard protections , no copymem , no nanomites

well , i can find the oep easily with bp CreateThread ... then moving with F8 till i find the call ECX when ECX = 401000 , with a F7 it takes straight to the OEP ,

now the prob is , when i'm at there , with lordpe i cant dump the file it shows file access error

so, am i missing something ?

Maybe you should first set full access to the code section in your memory table, or just correct the file size in LordPE.

File access error should refer to files on the disk, not unpacked in memory:
Suggestions:
Try other dumpers, like PEtools, including olly dump plug-in.
can you dump something else that is not the protected file, while the armadillo file is loaded? is this an anti-dumping trick?
Figure out if it is LordPE that is not working or is it the file itself.
Try dumping parts: a page at a time, a section at a time and see if you figure out a pattern.

File could be protected with anti-dumps feature from dillo.

check the ACL on the directory you're trying to dump the file into. perhaps you don't have write-permission in that directory

i had this problem many times... it was b/c my av(nod32) though the dumped file was a virus... so i just disable it.. dumped it with lordpe and went on with the next steps.. see if that works for ya

one good man code plugin for LordPE, called armdump maybe it help someone..

Most likely it is this file size item that shoob refers to. Since you did not use copymem you should be able to dump easily. But Arma plays with the file's header in memory to corrupt it. So you have to fix it in LordPE before you dump.

-nt20