Getfenv infected all scripts!

I purchased some vehicle models from some more well known roblox community mypod hubs,
One of the vehicles had a getfenv start point script inside, I was unaware and that one script has completely injected and infected all of my scripts!

I have searched the dev forum looking for a plugin to quickly remove the issue without effecting the scripts.
However the only plugins I have come across are ones that fully delete the script itself containing the virus!

are their any plugins that will delete just the getfenv line of code from scripts, without deleting the rest of the script?

I really need to find a solution this has set me and my developers back several hours worth of time and work on our project.

It will take hours if I have to manually remove the infections, as one of my games holding our vehicles has over 4000 infections.

1 Like

Could you revert back to an old version using version history? What about autosaves?


Use a script like this in the roblox studio command bar to do it:

for i, v in pairs(game:GetDescendants()) do
	if v:IsA("Script") then
		local str = tostring(v.Source)
		local hackedcode = "" --[[put the hacked code here or you can also put it in a script then get the script source tostringed here]]
		if string.find(str, hackedcode) then
			local newstr = string.gsub(str, hackedcode, "")
			v.Source = newstr

btw sorry about the late reply.


If you go into “Configure Place” you can hit “Version Histroy” and then revert it back to before this happened. The game auto saves work here every once in a while, so you will not loose much work if any. Hope I could help!


I have created a plugin that actually edits scripts to removed specifically backdoors. As well as check every script, and if one seems like it may be a possible virus, it moves it to a “Sketchy Scripts Folder” where you can then manually review it (every detected script is automatically disabled). Once you edit it, or think it’s safe, you can restore the script to its original place and state. Otherwise if they are all infectious, you can clear the entire “Sketchy Scripts Folder”.

Disclaimer: I am not responsible for this plugin accidentally destroying your game, though extremely unlikely to ever happen, it is still possible.

How to install;

AST_Tools.rbxmx (565.7 KB)

  1. Download the plugin/file from this post.

  2. Locate the downloaded file, and drag and drop it into your Roblox game (Roblox Studios).

  3. You will see a tool added to your workspace called “AST_Tools”. You need to drag that into your game’s ServerStorage.

  4. Right click “AST_Tools”, and select “Save as Local Plugin”. A window may pop up, just click the “Save” button.

  5. After you do that, you should have a plugin icon with the letters “AST”, click it.

  6. Optional; For the backdoor remover stuff, click the plugin menu buttons in this order, “Studio Tools”, “Explorer Tools”, “Sketchy Scripts Finder”.

Useful Information:
SOME STUFF MAY BREAK THE PLUGIN, reload the plugin by resaving “AST_Tools” as a local plugin again.

There is a very good reason why this isn’t exactly public. It’s a mess. Some stuff will not work, and other stuff is still under heavy development. The main stuff I recommend it for is the security and the other stuff in “Explorer Tools”. You can use the “Bezier” stuff, allowing you to create bezier curves by clicking two different faces of two different parts, but it is not perfect.

Right click a button to get a description of what it does. The stuff that doesn’t have a description, I don’t recommend pressing (unless it’s a sub menu button).

It would be much easier just to revert the version.

Possibly, but I figured I’d suggest it. Solved all my problem, as well as my friends.

I suggest just delete the models because free models do contain viruses. Its a lesson everyone learns. Or other fix would be to delete the code or script.


I made something like what you need

currently It’s doing searches only in ServerScriptService but I’m updating it weekly

If it will find a something like require, getfenv
It’s will deleted it and replace it with: (not the whole script)

-- Deleted by Nehoray Anti Virus

then It will create a folder inside ServerStorage with the full script (disabled) so you can check and see what is was requiring…

He said that it infected all of his scripts. This would take hours depending on how many script you have to fix it.

this doesnt work for getfenv()string.reverse(“\101\114\105\117\113\101\114”)