What methods do viruses use to make your game lag?

Hello! I’m thinking about making an antivirus plugin! Well, I ran into a problem since my plugin will scan for viruses. Sadly I only know a few things with which it could identify viruses: For example a weird name, require, getfnv and cloning fire or smoke. So my question is what other methods do viruses use to / what exactly do I need to detect in order to find them? (And yes I googled it multiple times and I found nothing) Thanks in advance!

maybe they insert a script that has a while loop without a wait which makes a lag?

They usually fire unprotected remoteevents or make invokes infinitely yield, this may not lag depending on what they do, but it’s a very big issue nonetheless.

1 Like

My dumbful brain would say something like

while true do
 local haha = Instance.new("Part")
 haha.Parent = game.Workspace
 haha.Position = Vector3.new(0, 0, 0)
 haha.Anchored = false
 haha.Transparency = 1
 wait(0.01)
end

are kept in models or scripts or even disguise themselves with names such as Minigame1 Module Script with their parent is the map and seeing the main script actually functional correctly is enough to fool a Studio newbie.

Another virus is cloning messages. This script will instantly makes your game lag. Just like the script above, they hid somewhere or disguise

Third are scripts that fools non-programmers:

local yuh = require(script.ModuleExample)
if [virus check thingy] then
 DeleteVirus()
end

the module script in the other hand:

function DeleteVirus()
 local checkOfidkScript = require(game.Workspace.game.Workspace.Antivirus.Settings.Values.Crap.RepeatMoreCrap --I'm not going to repeat the more setting here lmao
 DeleteVirus()
end

the module referring to the other module omfg:

function DeleteVirus()
 --Changes all the parts to blue. And i oop-
end

So, yeah that’s the stuff my dumb brain would think of.

2 Likes

that virus made my laptop lagged extremely lmao.

That would not work as the exhausted error will occur.

I sometimes see scripts with hundreds and thousands if whitespaces and then suddenly a require() or getfenv(). You might want to check for whitespaces more than 100 or so and mark it as a virus line.

2 Likes