NtCreateThreadEx is a new API since Vista and it is very powerful. It is mostly used for DLL injection, but it can be used as an anti-debug trick aswell. No anti-anti-debug tool/plugin can defeat this. Continue reading →