Hello,
yes, you can call ZwSuspendProcess from usermode. In such a case, the API is equivalent to NtSuspendProcess one. Both are exported by ntdll.dll and both names map to the sme address.
yes, you can call ZwSuspendProcess from usermode. In such a case, the API is equivalent to NtSuspendProcess one. Both are exported by ntdll.dll and both names map to the sme address.
