If you have gotten hacked recently, there are a few places you should look for files which are malicious.
Since the exploit cannot delete or overwrite files, look mostly for files which have seemingly relivant names but contain malicious content.
- Check your lua/autorun and lua/autorun/server files for additions
- Search through popular/default addon directories for addons/addonname/lua/autorun
- To deem a script malicious, check for the following common commands
3d) for k,v in (player.GetAll()) do
3f) Any functions with short or non-professiona names
- If you think you have a malicious file but are afraid to delete it, simply post the contents in this thread and I will tell you if it is malicious
Happy server hosting,
Excuse me, I would have made this much nicer if I wasn’t posting from an iPhone.