How do I get rid of these server-side exploits?

I recently downloaded a malicious plugin, that I wasn’t aware of. I got it from the Dev Forum, which I usually trust for plugins.

Now my games are filled with getfenv and RoSync. Someone suggested using GameGuard by Dan_PanMan, and I also tried doing ‘find all’ but the second the exploit is deleted, it comes back.

Next I tried deleting all of my plugins, through Studio by clicking uninstall, but they just come back a second later. So I’m in a vicious circle.

I’m stressing out, because my scripting knowledge is obsolete and I can’t think of anything to do to get rid of the server-side exploits.

delete the plugin, reinstall studio, then revert your game to the last version without the virus

I have deleted the plugin. At least the ones that are suspicious. I also mentioned, I can’t delete plugins now for some reason, unless it’s through my inventory.

Try disabling most of your plugins, also don’t trust any plugins that are created by groups/people like “TopPlugins”, “Creator Studio”, etc.

RoSync is a common virus that most times keeps spreading, I’d recommend reverting back to the last version if you’ve published the game.

Just don’t trust any plugins that can insert scripts in general

Yes, that was one of the plugins that I installed from the Forum. It was called Rain Creator I think. For some reason I didn’t even notice it was by that group.

I think rain creator was supposed to be by buildthomas? I think you got a fake version of the plugin which inserted backdoors

The real rain creator

To be honest, I’m so confused and tired. I don’t even know how the creator studio plugins ended up in my inventory, because I’m aware they’re malicious.

I think I realised what happened. Because the plugins hadn’t been deleting properly, I don’t think it deleted the malicious plugin. I’m going to do it through my inventory instead.