How does the C++ implementation of SwampThing differ and what advantage does it offer?
The C++ implementation differs by not restoring the original command line after the process resumes, and by hiding the launched process's window via `STARTUPINFO` flags (`dwFlags` and `wShowWindow`). This allows it to work with commands that exit immediately, such as `cmd.exe /c start calc.exe`, where the logged command line shows a fake parameter (e.g., `cmd.exe /c start notepad.exe`). This extends the bypass capability to one-shot executions.
C++, STARTUPINFO, ResumeThread, cmd.exe, bypass, command line auditing