So during early development of my upcoming horror game I used some free models for reference which I’m removing as I make progress. There’s no visual signs of a viruses right now that could mess up the gameplay. I’ve seen in the past though that if you put a free model, it can also insert separate assets which those separate assets could potentially contain a virus. So far, the way that I know how to detect a virus is when there’s a script or something that says “spread” or when something says “Fire”. I specialize more in building though and was wondering if you advanced scripters could share more methods to use later in the future.
If a certain model has a script that doesn’t need a script (like a building or an npc with a walk script) just remove it. Tbh you should remove all scripts from free models. If you do so you will be 100% save. You need to rescript the script if u needed it but thats much safer. I dont think using free models for you game is smart anyway but thats just my opinion.
You can use Ctrl+Shift+F on Windows or Command+Shift+F on Mac to search through every script in your game. Especially getfenv and require are signs of a malicious script in one of your models.
Always check what you’re installing. Whether it’s plugins or models, always make sure they can be trusted. With free models, it’s pretty straightforward – you take the model and inspect the scripts inside. If they look like a virus, you can simply delete them. With plugins, though, it’s more difficult. You can’t simply see the code of a plugin. There are a lot of trojans in the library and toolbox. Be careful about the creator, groups titled “Plugin Creator” could be groups made for this purpose. The best place to find plugins would be #resources:community-resources. They are usually made by members of the community in good standing, and if not, the reply section is always there.
Yes you will need to join studio test to get the output if you dont have paid plugins such as InCommand that can execute commands without “being ingame” + it can be just one script that is inserting other scripts.
There are multiple plugins such as GameGuard Antivirus created by @deluc_t and it is really useful.
Another way is like Blackmole111 said, CTRL SHIFT F in the studio and search for keywords such as require, getfenv, setfenv, insertservice, teleportservice, marketplaceservice, etc.
I have created a #resources post regarding that issue, see this post and scroll down to “7. | The Toolbox - The danger of malicious models and how to prevent them”.