//http://waleedassar.blogspot.com
//http://www.twitter.com/waleedassar

//Bypass for the non-killable process bug
//ZwSuspendProcess @ange4771 (Ange Albertini)

#include "stdafx.h"
#include "windows.h"
#include "stdio.h"

#define PROCESS_SUSPEND_RESUME  0x800

extern "C"
{
	int __stdcall ZwSuspendProcess(HANDLE);
}

void main()
{
	unsigned long pid=0;
	printf("Enter process id ");
	scanf("%d",&pid);
	if(!pid) return;

	HANDLE hProcess=OpenProcess(PROCESS_SUSPEND_RESUME,FALSE,pid);
	if(!hProcess) return;
	int ret=ZwSuspendProcess(hProcess);
	printf("Ret is %x\r\n",ret);
	CloseHandle(hProcess);
}