w3 total chache cached files contain virus

Facing same issue. Hostgator or clamAV is another common thing between us. Checking ClamAV.
More over, W3 Total had minified my adsense codes. Minified JS are not recovering after un-install.
W3 is a renowned plug-in, It must support its users.

Corrupted files :

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/top-5-best-trekking-places-in-india/_index.html PUA.Phishing.Bank

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/top-5-best-trekking-places-in-india/_index.html_gzip PUA.Phishing.Bank

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/top-educational-websites-in-india/_index.html

Same problem here. Is it with Hostgator or ClamAV ?
Furthermore, W3 Total has minified my Ad sense codes. Even after cache cleaning or uninstalling, minified Java scripts are not changing.

W3 Total cache is a renowned plug in, it must support its users.

PUA affected files :

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/top-educational-websites-in-india/_index.html

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/best-heart-hospital-in-india/_index.html_gzip.old

public_html/wp-content/cache/page_enhanced/www.trendingtop5.com/top-5-best-trekking-places-in-india/_index.html_gzip PUA.Phishing.Bank

TrendingTop5 the problem even with W3TC for your advertisements, you misconfigured Google’s Page Speed module. Its minifying your AdSense code you need to fix that server side. This isn’t a problem due to W3TC.

As for the malware I again didn’t find anything from your files as well. I am going to contact ClamAV over this though since its getting a little out of hand.

Ok, everyone who is running the clamav antivirus please contact your respective hosts and please ask them to disable –detect-pua

“However, Clam AV has a policy of not correcting false signatures on PUA. PUA is an optional detection. Many Clam AV PUA signatures are made on packers and installers–which can be used by both goodware and malware. So you will save yourself a lot of grief by getting rid of the –detect-pua configuration”

I contacted W3 Total cache support, but i did not get any reply till now.

I have contacted the Hostgator support regarding this and i am presently in discussion through mails. I will post the reply i get from them regarding this issue soon.

By the time, you guys also contact your hosting providers and mention the infected files, without destroying or quarantine it , so that your hosting services can check it.

Thanks

I also recently contact to Big rock hosting support, but they suggest me not to use this 3rd party plugin.

They also don’t have satisfactory suggestion

I received reply, but i am not understanding why they are not able to detect the virus affected files, i am seeing when i am doing scan.

I did not delete the affected files. But they are not able to see it, but my Port80 gets blocked now and then.

What is happening.

The reply i received from Hosting support was as follows,

Hi,

I have scanned public_html directory and confirmed that it’s clean. Hence, activated port 80/443 for your domain …..com. This should help you to fix the issue you have reported earlier.

Also remember that, simply deleting/replacing infected file(s) will not be a permanent solution. If any of those file is used by your website theme/plugin/CMS then removing those files may cause downtime to your websites.

Hence, I request you to double check your website contents like CMS, themes, plugins and make sure that they are up-to-date.

By default, on our shared hosting server we keep scanning the hosting package files and if there is any infected files, the port 80 will be blocked automatically.

I would recommend you to follow the below steps to avoid blocking the port 80:

1. Scan the site contents regularly.
2. Manually check your hosting space and delete the files and folders which are not uploaded by you.
3. Make sure that the third-party applications, themes and plugins are up-to-date for your website.

Thank you.

Friends…….If any of you have found a way to solve this issue, please post it, so that everyone can make use of it.

ClamAV Virus Scanner detected PUA.Phishing.Bank malware in 10 Pages of my blog https://www.geekyard.com hosted in hostgator.

Deleting those infected files is of no use WT3C once again creates those cache memory. I am unable to find any malwares in Plugin or Themes.

If anyone got any working solution kindly share it here.

“Ok, everyone who is running the clamav antivirus please contact your respective hosts and please ask them to disable –detect-pua”

Anyone tried this?

One shitty antivirus is ruining many websites and the credibility of the cache plugins. The fact is we need the cache plugins without which our sites will be out of business. If the hosting providers won’t disable that setting in ClamAV antivirus, we have no option but disable this plugin.

On the other hand CloudFlare integration degraded the pagespeed and not caching a thing from my website. A very bad situation.

I have written a lengthy email to plugin developers and also asked bluehost to disable the setting. Waiting for both the replies.

So I guess we have come to conclusion that this is false positive? Thank god I’m using good hosting.

Btw, one of my site hosted on hostgator and not having this problem. Is Clam AV auto scanning web site or you have to manually start it? If you have to manually starting it, maybe don’t use it?

I’m having this problem too and am following the updates to the thread closely. I too contacted hostgator (I’m US based but use hostgator.in for my India based site) and their support did not want to “disable detect pua” as someone suggested, instead they were asking me to:

“download these infected files to your local system and clear the virus and upload the fresh copy of the files “

I am very much a novice, I don’t know how to do that, but that solution didn’t smell right to me based on what I’m reading here. I too deleted Super Cache, replaced with Total Cache, which was then replaced with Zen Cache, and all have the same recurring PUA.

I don’t know what to do, I’m constantly virus scanning and unblocking my port every couple days. Here’s to hoping one of you guys figures this out so we can be done with this headache.

Facing exactly the same problem here with 3 of my sites and HostGator. I’ve tried both W3Total Cache and WP Super Cache, whenever the cache files are created, the virus scanner detects the cached files as PUA.Phishing.Bank and blocks Port 80.

When I delete the plugin and cached files, Port 80 opens up again.

Contacted HostGator and they say some infected files are being rendered when the cache is generated in HTML.

Can’t think of any solution right now other than disabling and deleting the cached files.

Any solution out there?

There is no response for email yet from plugin developers or bluehost. I just tweeted to them on the issue. I think we need to put a lot of pressure in whatever manner. Those who have the same problem, please do the same on social media.

@w3edge @bluehost Please resolve the https://t.co/qTl7nVYuuK issue in caches, help webmasters. https://t.co/b135kT9eCL

— Gunasekhar T ???? (@ReallyGuna) February 3, 2016