When you do receive the warning can you send the URL of the page to firstname.lastname@example.org and title it MALWARE URL? I will send it to the server admin to get it diagnosed. It seems like it only happens on certain pages and the more information I get the better we can diagnose the problems.
I have scanned though both your files for the account "clubwrx" and the database for your forums. At this time, I do not see any sign of infection or iframe present. Can your forum users provide a bit more information as to where specifically they are receiving the warnings. Which specific URLs? In addition, if they could have their AV scanners provide any further specific information (such as the exact file detected), it would assist us in tracking down the source of the issue.