Seeking Python-Based Solutions for MEMZ Program Termination

I am facing an issue that may be related to the design of the MEMZ program. Some malware or prank software is intentionally crafted to make termination difficult, displaying messages or badges even after the main process has ended. This behavior is aimed at making it more disruptive and challenging to remove. Therefore, I am seeking a Python-based approach to address this situation. How can I achieve this goal?

ex:

import psutil

nome_processo_pai = "MEMZ.exe"  # replace with the real name of the parent process

# Find the first process whose name contains the target name.
# p.info['name'] is None when psutil is denied access, so guard against that.
processo_pai = next(
    (p for p in psutil.process_iter(['pid', 'name'])
     if nome_processo_pai.lower() in (p.info['name'] or '').lower()),
    None,
)

if processo_pai:
    try:
        # Kill every descendant first, then the parent itself.
        for filho in processo_pai.children(recursive=True):
            filho.kill()
        processo_pai.kill()
        print(f"Processo {nome_processo_pai} e seus filhos encerrados com sucesso.")
    except (psutil.NoSuchProcess, psutil.AccessDenied) as e:
        print(f"Erro ao encerrar processo: {e}")
else:
    print(f"Processo {nome_processo_pai} não encontrado.")

I attempted to address the MEMZ program termination issue using a Python script. The expected outcome was the successful termination of the specified process and its children. The script utilized the psutil library to locate and terminate the target process. However, the actual result was that it displayed messages and triggered a blue screen (MEMZ). I am seeking guidance on how to improve the script or explore alternative Python-based solutions to effectively terminate the MEMZ program and its associated processes. Additionally, I am not looking to use subprocess for this purpose.

To be clear, MEMZ.exe is the malware or prank program that you want to terminate?

Did you test your code with a normal program? Does it successfully make other programs quit?

If the problem is only with the malware, then we can’t possibly fix it from here - knowing what to do will depend on exactly how the malware works.

It’s possible to research this kind of thing, but I can’t understand wanting to try like this. If you know that there is malware on the computer, please follow instructions from Microsoft (or Apple, or whoever else is responsible for your operating system) to clean it up properly. There are any number of things that it could be doing, and it won’t be enough to just notice that a program is running and try to kill the process.

(In theory, once you have malware, the only way to really be sure of removing it is to “flatten and rebuild”.)

It’s malware. I don’t have a virus, but I’m designing an antivirus, and the code closes normal programs.

Almost nothing is a “virus” in the original sense any more, but malware is malware, and the MEMZ trojan definitely qualifies as malware.

Every program like this is unique. Existing anti-virus programs constantly get patched so they can learn the ways needed to deal with whatever is new and popular with the malware creators. (This has moved more and more towards ransomware trojans, because of the profit motive.) They can sometimes have some useful “heuristics” to detect a malicious program or try to disable it. But the malware writer gets to use all the dirty tricks the antivirus writer can use, and more (because the antivirus is only trying to use the operating system’s tools as advertised, but the malware writer will do all of that and also exploit bugs).

Code is only data, until it gets executed. The best defense against every kind of malware is a proper security model, that prevents the initial execution of whatever program, and which denies programs access to the resources needed for real harm.

What I’m trying to say is, the problem is not really solvable, in Python or any other programming language, and for the most part, existing anti-virus programs are a scam. (It’s popular for criminals to try to distribute their trojans, by pretending they are anti-virus programs! But even when they work as advertised, anti-virus programs can often greatly slow down the computer, interfere with normal programs trying to read and write files, or cause other problems.)

What if I stop MEMZ from creating new children? Because when I close one, it can create another that psutil hadn’t seen.
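The race described in the last post (a child appearing after psutil has already listed the children) can be closed in general by suspending each process before listing its children, so nothing in the tree can spawn while the rest is being killed. This is an added example, not code from any poster in the thread; the function names are hypothetical, and it says nothing about how a particular sample reacts to being suspended or killed.

```python
import psutil

def find_by_name(name):
    """Every process whose name contains `name` (case-insensitive)."""
    name = name.lower()
    return [p for p in psutil.process_iter(['name'])
            if name in (p.info['name'] or '').lower()]

def freeze_tree(roots):
    """Suspend each root, then its children, and so on down the tree.

    A process is suspended BEFORE its children are listed, so the list
    cannot grow afterwards: a stopped process cannot spawn anything.
    """
    frozen = {}                      # pid -> Process
    pending = list(roots)
    while pending:
        proc = pending.pop()
        if proc.pid in frozen:
            continue
        try:
            proc.suspend()
            frozen[proc.pid] = proc
            pending.extend(proc.children())
        except (psutil.NoSuchProcess, psutil.AccessDenied):
            continue                 # already gone, or not ours to touch
    return list(frozen.values())

def is_alive(proc):
    """Running and not merely an unreaped zombie."""
    try:
        return proc.is_running() and proc.status() != psutil.STATUS_ZOMBIE
    except psutil.NoSuchProcess:
        return False

def kill_frozen_tree(roots, timeout=5):
    """Freeze the whole tree, kill it, and return (killed_pids, survivor_pids)."""
    frozen = freeze_tree(roots)
    for proc in frozen:
        try:
            proc.kill()
        except (psutil.NoSuchProcess, psutil.AccessDenied):
            pass
    psutil.wait_procs(frozen, timeout=timeout)
    survivors = [p.pid for p in frozen if is_alive(p)]
    return [p.pid for p in frozen if p.pid not in survivors], survivors

if __name__ == "__main__":
    print(kill_frozen_tree(find_by_name("MEMZ.exe")))
```

Processes that could not be suspended (access denied) are skipped and do not appear in either returned list, so an empty survivor list only covers what the script was allowed to touch.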