PC CPU maxing at 100% following auto-update of wordpress

  • I’m soon to be upgrading this site to the latest version of wordpress along with the plugins and theme so that we can upgrade to php v7, but in the meantime following an auto update last Tuesday (16th Jan 2018) when I either go to https://www.frenchweddingstyle.com or the admin page, the CPU on my PC shoots up to 100%.

    If I kill the process in Task Manager, it reverts to the normal 15-20%. This happens in both Chrome and Firefox, and I can repeat on a different PC too.

    I’ve contacted my hosting provider who says that their virus checker reported malware (https://www.virusradar.com/en/JS_CoinMiner.W/description) on the site, but everything that I have run to check for malware has returned nothing (Wordfence, Quttera, Sucuri), they’ve returned a few dodgy links which I’ve resolved, but no malware.

    I know that last Monday this wasn’t an issue as we batch create our posts then, but I’m struggling today with the CPU maxing out.

    The only thing that has changed is the auto update – and I can see that a number of files were updated on the 16th, so I was wondering if anyone else has noticed this?

    Thanks,
    Leigh

    The page I need help with: [log in to see the link]

Viewing 9 replies - 1 through 9 (of 9 total)
  • Thread Starter frenchws

    (@frenchws)

    Thanks for getting back to me.

    I looked at that site earlier and got the same report, but couldn’t see where it said that the site was hacked.

    I can see that it says no malware detected, and that the site is not blacklisted.
    It can’t find a firewall (which it wouldn’t) and the only High severity issue that I can see is that the Website is outdated.

    Could you let me know where it says that the site has been hacked please?

    Moderator t-p

    (@t-p)

    Sorry, my Bad.

    It detected outdated software.

    Moderator t-p

    (@t-p)

    hosting provider who says that their virus checker reported malware

    Have you tried scanning your site? You can use plugin like wordfence, Exploit Scanner , etc.

    • This reply was modified 7 years, 1 month ago by t-p.
    Thread Starter frenchws

    (@frenchws)

    Wordfence didn’t pick anything up, nor did Quttera or Sucuri.

    But I’ve gone through to the codex page that you linked to, and have run the my site through aw-snap which found an issue in my jquery.js file (v.1.12.4).

    I’ve just compared the one on my server (in the wp-includes/js/jquery/ folder) to the original on the jquery website, and there’s a load of gumph at the end in the file in the includes folder.

    I’m just going to overwrite the file (after taking a back up!) and will see what happens. I’ll report back.

    Moderator t-p

    (@t-p)

    Please note WordPress 4.9.2 is now available.

    This is a security and maintenance release for all versions since WordPress 3.7?. We strongly encourage you to update your sites immediately.

    Thread Starter frenchws

    (@frenchws)

    I’m going through and updating, and want to get everything on the latest version of wordpress and plugins etc. Also want to move to php v7 on my server, but the theme doesn’t support it.

    So once the theme has been updated (or to be honest, replaced) everything will be updated.

    In other news, replacing the jquery file worked (was only noticable after a hard refresh though).

    Thanks for your help and the link

    Leigh

    Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    In other news, replacing the jquery file worked (was only noticable after a hard refresh though).

    Where did you replace it from?

    Could you please send us infected jquery file to support[at]quttera.com thus we can investigate it and update plugin to detect this infection?

    Thank you.

    Thread Starter frenchws

    (@frenchws)

    Hi Andrew,

    From the jquery site (code.jquery.com/jquery) and then downloaded the same minified version of the file.

    And Quttera – I’ll zip it up and wetransfer it to you.

    Thanks,
    Leigh

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘PC CPU maxing at 100% following auto-update of wordpress’ is closed to new replies.

Tags