The Enhanced Anti-Debug loader provides an increased level of protection against reverse engineering through a combination of anti-debugging and anti-dumping techniques. This loader is substantially more effective than is the standard anti-debug loader and is periodically updated and changed.
Since the Enhanced Anti-Debug loader is only used by a handful of companies and is periodically changed, attacking a particular build of the enhanced anti-debug loader specifically is not very rewarding for an author of an automatic unpacking program.
How do I use the Enhanced Anti-Debug loader?
You simply specify the loader plug-in in the command line of pec2.exe, or in the GUI settings dialog. We recommend you use it a long with IsDebuggPresent and API redirect plug-ins.
How do I download the latest build of the Enhanced Anti-Debug loader?
You will be given an account at our Support area after purchasing the EAD loader. It is there you can download it (and any previous or future versions of it).
Please contact us at firstname.lastname@example.org if you have any questions or concerns. Thank you for your interest.
The Enhanced Anti-Debug Loader plug-in will add an extra layer of protection, particularly when combined with the IsDebuggerPresent API hook plug-in. It is no guarantee that your application won't be reverse engineered, not by any means. Nobody can offer that guarantee. This alternate loader's primary purpose is to simply be different enough from the standard plug-in, and offer enough anti-debug capabilities, to make it a little harder for any reverse engineer. In the end, that is all you can do - make things a little harder.