GameGuard Anti Virus V2 [ALPHA]

I would recommend it to be No for search for require.
Since most admin scripts use require

But the plugin’s good!

1 Like

Update

Man, GameGuard keeps on updating! Lets see what new we have in this update…

Changelog

  • Faster loading (thanks to the logging)
  • Finished logging
  • New Quarantine system!
  • New context menu!
  • Fixed bugs with removing threats

Previews?

To quarantine or view a detected threat, right-click on a threat that was detected in the Results.

yes i know that circle looks disgusting

As you can see, you can quarantine/view a script with the context menu. More options will come soon, such as whitelisting.
Viewing a script does what expected; opens up the script.

What is this… quarantine?

Please remember that quarantining could have bugs; it was just made.
Quarantining a script does 3 things:

  • Disables the script from running
  • Comments out the script
  • Puts the script into the new folder, “[GAMEGUARD] Quarantined” in ServerScriptService.

image
image

How do I update?

You can just go to Plugins > Manage Plugins > Update All.
image

The end.

Thank you, everyone, for supporting me through this journey. Without you I wouldn’t be working on this plugin day and night!
Now, lets become the best Roblox Antivirus! :laughing:

4 Likes

Tysm, a think I might have had a malicous plug in. :sweat: I never knew my game infected was that bad lol.

2 Likes

You can now quarantine scripts in quarantine!

3 Likes

Yes but antivirus scripts in game are only caused by freemodels, and you can simply delete the scripts in models or look through them manually. It honestly does not take much time. If you open up a script and you see that you can scroll for a long time, that means it is a virus. That is pretty much all information you need.

Not always.
These come from plugins as well, and sometimes creators of big plugins slip in a backdoor into it. This plugin will detect those.

Yes, but these aren’t the only type of viruses… some of them are “hidden” (this plugin will also detect them). You can read about them here.

It takes lots of time to remove a backdoor, especially if inserted via plugin. Plugins have the ability to run code in studio, which means they can make the script be unremovable.
But free models can take a pretty long time to remove the viruses as well. Let’s say you insert a cafe; or a house for example. You will need to search every 1k part in the model for a script, and there is probably over 15 scripts in such free model which can take lots of time to search through for malicious keywords. This plugin will automate the search and secure your game.

2 Likes

Well if it for plugins, you make a good point there. However, you can still check the plugin’s contents in studio.

1 Like

You can, but that doesn’t mean the malicious scripts arent hidden.

1 Like

I found this script in my game that breaks mesh vehicles. There were multiple instances of this script in the game.

if (script.Parent == workspace) then
	function checkForAndSwitch(player)
		if (player.SuperSafeChat == true) then
			player.SuperSafeChat = false;
			wait(5);
			local m = Instance.new("Message");
			m.Text = "Press the / key to start typing.";
			m.Parent = player;
			wait(5);
			m.Text = "Then press Enter to send your message.";
			wait(5);
			m:Remove();
			m = nil;
		end
		player = nil;
		collectgarbage("collect");
	end

	function onChildAddedToPlayers(obj)
		if (obj.className == "Player") then
			checkForAndSwitch(obj);
			local m = Instance.new("Message");
			m.Text = "Have fun!";
			m.Parent = obj;
			wait(5);
			m:Remove();
			m = nil;
		end
		obj = nil;
		collectgarbage("collect");
	end

	function onChildAddedToWorkspace(obj)
		if (obj.className == "Model") then
			if (game.Players:playerFromCharacter(obj) ~= nil) then
				checkForAndSwitch(game.Players:playerFromCharacter(obj));
			end
		end
		obj = nil;
		collectgarbage("collect");
	end

	function findLowestLevel(obj)
		local c = obj:GetChildren();
		local lowestLevel = true;

		for i, v in pairs(c) do
			if (v.className == "Model" or v.className == "Tool" or v.className == "HopperBin" or v == workspace or v == game.Lighting or v == game.StarterPack) then
				lowestLevel = false;
				wait();
				findLowestLevel(v);
			end
		end

		if (obj ~= workspace and lowestLevel == true and (obj:FindFirstChild(script.Name) == nil)) then
			if (obj ~= game.Lighting and obj ~= game.StarterPack) then
				local s = script:Clone();
				s.Parent = obj;
			end
		end
	end

	findLowestLevel(game);

	game.Players.ChildAdded:connect(onChildAddedToPlayers);
	game.Workspace.ChildAdded:connect(onChildAddedToWorkspace);
else
	local findScript = workspace:FindFirstChild(script.Name);

	if (findScript == nil) then
		local s = script:Clone();
		s.Parent = workspace;
	end
end

--[[function findAllCopies(obj)
	local c = obj:GetChildren();

	for i, v in pairs(c) do
		if (v.Name == script.Name and v.className == "Script" and v ~= script) then
			v.Parent = nil;
		elseif (v.className == "Model" or v.className == "Tool" or v.className == "HopperBin" or v == workspace or v == game.Lighting or v == game.StarterPack) then
			findAllCopies(v);
		end
	end
end

findAllCopies(game);

script.Parent = nil;]]
1 Like

Thanks! I will use that for future detection updates! :grin:

1 Like

Could you maybe remove some of the unnecessary prints whenever I press enter?

Like this:

game:GetService("UserInputService").InputBegan:Connect(function(userInput)
	if userInput.KeyCode == Enum.KeyCode.Return then
		good = true
		for i,v in pairs(whitelisted) do
			print(v," | ",i) -- This part
			if input.Text == v then
				good = false
			end
		end

It will stop some of the clutter that I get when testing something that needs the Enter key

1 Like

Yes, I will remove that in the next update! :slight_smile:

the next update will have plugin scanning, bug fixes, etc!

1 Like

This is great! I used to use Ro-Defender but I think this is better

2 Likes

Update

Man, GameGuard keeps on updating! Let’s see what new we have in this update…

Changelog

  • Removed the "Log Stats: " button.
  • Fixed bugs with scanning.
  • Added an auto-updating scroll GUI, meaning if you have thousands of threats your scrolling frame will never run out of the room.
  • Fixed bug with right-clicking deleting the threat instead of opening up the context menu.
  • Fixed the settings toggle icon not showing. finally!
    image
  • Fixed annoying printing and errors during startup; and in-game like @boomboomsha suggested.

How do I update?

You can just go to Plugins > Manage Plugins > Update All.
image

The end.

This wasn’t a big one, but a pretty good one.
A big update is coming when we hit 1,000 sales! :open_mouth:
Now, lets become the best Roblox Antivirus! :laughing:

4 Likes

I’ve just checked the source of your antivirus, and all you do is check for some extremely common keywords (luraph, synapse, …) which are easily modifiable in the LBI exploiters use to obfuscate their backdoors.
Your badNames table is even worse, as you just check for extremely specific things, which are even easier to modify.

Server-sides / backdoors always will bypass this, and even though I’ve never involved nor made any backdoors, your threats table is extremely easy to bypass.
I won’t post methods to bypass these keywords here as skids will probably read this, but I’ll just state that competent exploiters can easily bypass this.
Your keywords are extremely scarce, and can easily be replaced with other alternatives.

Not only that, but the source code was a pain to read in the first place…

Overall, I wouldn’t reccomend using this module; most server-sides with competent developers behind them wouldn’t even waste their time on this.

2 Likes

Thats to keep away skids :slight_smile:

There is no possible way to load in a backdoor without require or getfenv, which the plugin checks for. If there is, I would love to see it, because currently all you are doing is explaining how terrible this plugin is, without giving advice and suggestions to improve.
If it is so easy to bypass, I don’t know why none of the backdoors have. I have been “cracking” some serversides for the past few weeks to see what they have under the hood, and basically I could track down the loader to them using this plugin, and each loader was found.

This… doesn’t waste time? :thinking:

The badnames table checks for common names that are used in lag scripts, which if someone “modifies (how you like to call it)” the name, I will almost always insert that name into the list.
“Extremely specific things” I don’t understand how they are “extremely specific”, since I have things like “Fire” and “Vaccine” (which are well-known lag scripts that will destroy your game) which arent specific at all.

3 Likes

What do you mean by “waste their time on this.”
Also, he has a script whitelisted system.

1 Like

Forgot to mention: OP is a part of an exploiting community, ‘V3rmillion’.
Also, I’m unsure what you mean regarding a whitelisted system?

1 Like

Since you never even used the plugin before posting, a whitelisting system is in the settings.
I don’t really understand why you would call this time wasting and not recommending this when you didnt even install and try out the plugin.

2 Likes

I’ve clearly stated that I’ve looked through the source though?
Also, bad indentation is no excuse for “making it harder for exploiters”. It’s called having bad code.
I’m doubtful you’d have bad indentation in the GUI section of the script to prevent from exploiters stealing your GUI ???.

1 Like