View Full Version : Iframe injection?



keiths
23-04-2013, 11:54
Since the forum came back online this morning, AVG (full paid-for version) has been intermittently giving me the following warning:

http://www.simister.com/public/avg.jpg

Maybe it's just a false-positive, but hasn't happened before today.

Beechwoods
23-04-2013, 12:45
We're getting ClamAV installed on the server today which should resolve this once and for all. I will update you when this is complete.

technobear
23-04-2013, 18:05
Microsoft Security Essentials is removing "Trojan JS/IframeRef.k" from certain pages.

Beechwoods
23-04-2013, 18:08
Yes, we seem to have a problem, despite the recent upgrade and work to ensure that the database itself looks fine. The install of ClamAV should clear this up and this should have happened on Friday but was delayed due to the unexpected downtime.

synsei
23-04-2013, 18:10
You are a star Nick, the next round is on us buddy ;)

walpurgis
23-04-2013, 19:05
Is this related to the problem I had? I'm pretty sure the bug that wiped out my O/S came from here and since sorting that, I installed AVG and it has periodically caught a bug on my visits here. I did forward the AVG details on a screenshot.

My PC is currently protected by Kingsoft Antivirus (definitions based) and ThreatFire Antivirus (behavior based) and AVG LinkScanner and Spyware Expert. These all work harmoniously together and seem to give a bombproof level of defence. They catch and block a lot of stuff. Spyware Expert is the best of its kind I've come across, it finds stuff that Avast and Spybot and others miss completely. I also use Free Window Registry Cleaner, it seems effective.

synsei
23-04-2013, 19:23
Hmm, that is interesting Geoff. I have always rated Spybot and have it installed on all the machines in the house but if Spyware Expert is as good as you say then I'd like to give it a try, is it freeware?

walpurgis
24-04-2013, 10:24
Hmm, that is interesting Geoff. I have always rated Spybot and have it installed on all the machines in the house but if Spyware Expert is as good as you say then I'd like to give it a try, is it freeware?

Yes, a freebie from download.com

Here's a link to the Windows version:

http://download.cnet.com/OneClick-Spyware-Expert/3000-8022_4-10888053.html?tag=mncol;3

If you don't have a registry clean/repair application, you may also want to try Free Window Registry Repair. I've been using it for years without problems and it seems to work very well. Link:

http://download.cnet.com/Free-Window-Registry-Repair/3000-2086_4-10606555.html?tag=mncol;1

As I expect you know, you can run these alongside similar applications without conflict.

Beechwoods
25-04-2013, 15:29
ClamAV confirms the server is clean.
A search of the database also confirms that there are no iframe references in it.

I've also been through the forum templates and rebuilt the parsed template code as well and these are clean.

I come back to our earlier assessment that these are false positives but I am doing further work to try and isolate the thing that is triggering these warnings. If it is a false positive I want to know what the false positive is being caused by so we can do something about it. The perception of infection is as bad as the reality in my view.

We are seeking assistance from vBulletin in getting this sorted.
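
An added example, not part of the thread and not vBulletin or ClamAV tooling: a Python version of the "search for iframe references" check described in the post above, run over template or database text exported as strings. It goes beyond a plain substring search by also decoding URL/entity encoding, `fromCharCode` lists and split string literals; the record names and hosts are constructed for illustration.

```python
import html
import re
from urllib.parse import unquote

IFRAME_TAG = re.compile(r"<\s*iframe\b[^>]*>", re.I)
# Attributes that make a frame invisible to the visitor.
HIDDEN = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?:width|height)\s*=\s*[\"']?[01]\b", re.I)
CHARCODES = re.compile(r"fromCharCode\s*\(([\d\s,]+)\)", re.I)

def decode_layers(text):
    """Undo cheap encodings that a plain search for 'iframe' would miss."""
    out = html.unescape(unquote(text))          # %3C and &lt; become <
    out = CHARCODES.sub(                        # expand fromCharCode(60,105,...)
        lambda m: "".join(chr(int(n)) for n in m.group(1).split(",")
                          if n.strip() and int(n) < 0x110000), out)
    return re.sub(r"[\"']\s*\+\s*[\"']", "", out)  # join "<ifr" + "ame"

def scan(records):
    """records maps a name (template, table row, file) to its text.
    Returns sorted (name, finding) pairs; a hit is a lead to review."""
    findings = set()
    for name, text in records.items():
        plain = IFRAME_TAG.findall(text)
        decoded = [t for t in IFRAME_TAG.findall(decode_layers(text))
                   if t not in plain]
        for tags, how in ((plain, "plain"), (decoded, "obfuscated")):
            for tag in tags:
                kind = "hidden iframe" if HIDDEN.search(tag) else "iframe"
                findings.add((name, f"{kind}, {how}"))
    return sorted(findings)

# Constructed sample records; names and hosts are made up for illustration.
SAMPLES = {
    "index_banner": '<div id="banner"><img src="banner.png"></div>',
    "post_embed": '<iframe width="560" height="315" '
                  'src="https://video.example.invalid/e/1"></iframe>',
    "footer": '<iframe src="//t.example.invalid/" width="1" height="1">',
    "ad_slot": 'document.write(unescape("%3Cifr" + "ame '
               'src=//ads.example.invalid/x height=0%3E"));',
}

if __name__ == "__main__":
    for name, finding in scan(SAMPLES):
        print(f"{name}: {finding}")
```

A visible embed such as `post_embed` is reported too, so each hit still needs a human to decide whether the frame is expected.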

AlanS
29-04-2013, 10:02
Just to make you aware, my work's corporate virus detection is blocking AoS but didn't last week.
Just caught up? Have fun.

Beechwoods
29-04-2013, 11:49
Oddly, mine isn't now and was last week. No reports in AVG Threatlabs either since I switched off advertising on Friday. I suspect a delayed reaction with your corporate threat lists.

AlfaGTV
29-04-2013, 13:17
My company is also blocking parts of theartofsound.net now, wasn't last week.
We're using McAfee and when clicking on any thread the site is blocked and classified as "suspected malicious code".

Best regards /Mike

Beechwoods
29-04-2013, 14:08
Thanks Mike. My place uses McAfee as well...

Beechwoods
29-04-2013, 17:35
I have disabled TapaTalk while I try and isolate the issue further.

keiths
30-04-2013, 14:44
Still getting the occasional Iframe injection warning.

http://www.simister.com/public/avg2.jpg

This was when entering the "Reduce height of a tree" thread in Abstract Chat from 'New Posts'.

Rare Bird
30-04-2013, 16:50
Me too

Beechwoods
30-04-2013, 17:36
Good / bad to know. We've switched off everything but the basic forum. And that was upgraded 2 weeks ago, so should have been completely clean. Back to square one, and no leads.

keiths
30-04-2013, 18:01
I'm pretty sure the forum is clean and these are false-positives. From the comments on the AVG Threatlabs regarding IFrame injections, there are lots of sites getting this that are also claiming they are clean.

The "Reducing height of a tree" thread that last triggered the warning for me has an image attachment - I wonder if it is something in the 'lightbox' script that AVG is objecting to? I do see some of the comments on the AVG Threatlabs mentioning 'lightbox' scripts.

Beechwoods
30-04-2013, 18:04
I might raise a false positive review request with AVG, but the fact that McAfee etc have generated warnings to some users here suggests that might be it.

I have been concerned to see AVG flag warnings against the main site index page, which is just our banner, nothing else, no javascript and no fancy code whatsoever. Makes me think they may have something wrong with the way they analyse the 'threat'.

Beobloke
30-04-2013, 18:21
I've been having the AVG warning on my home PC for several weeks although, interestingly, it appears to have gone now.

However, when I tried to open the site at work yesterday, I got the attached screen - it was fine on Friday but it appears you've now been blocked.

Barry
30-04-2013, 18:29
I use McAfee, and for a good while now it has popped up advisory messages to the effect that AoS, as a site, contains a risk of malicious software. Yet when you click on the McAfee logo, the site advisor reports that when "theartofsound.net" was tested, no issues were found.

So far I have ignored the warnings, but today when I logged on I got a BIG LOUD McAfee warning saying "Whoa - do you really want to go there!"

Confused? I am. :scratch:

Beechwoods
30-04-2013, 18:51
I think they all use the same blacklists, and one of these has updated in the last week to add us. I've raised a False Positive review request with AVG now.

walpurgis
30-04-2013, 21:49
I've had no more of the AVG warnings recently. I was getting them quite often before the 'outage'!

AlanS
05-05-2013, 12:12
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 55
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 107
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 111
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 119
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 130
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 134
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 142
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 211
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/init.php on line 389
Deprecated: Assigning the return value of new by reference is deprecated in /var/www/vhosts/theartofsound.net/httpdocs/forum/includes/class_core.php on line 2552

Has returned. Sorry the site isn't 100%

Marco
05-05-2013, 12:21
We know, and it's being dealt with. See recent posts on this thread:

http://theartofsound.net/forum/showthread.php?p=441525#post441525

It would help if you checked the new posts on the forum, relating to similar matters, before posting again elsewhere on the same subject! :doh:

Marco.

Tim
05-05-2013, 12:29
I still scratch my head in wonder as to why so many people use AVG, but each to their own I guess :scratch:

Hey ho, there we go . . . just to add balance to the thread I am having no issues here whatsoever using MSE and at work using a paid Business Edition of NOD32, or on a Samsung Tablet using Avast.

(Home PC = Windows 7 Pro x64, Firefox 20.0.1 and MSE)

Alex_UK
05-05-2013, 19:43
Deprecated: ...

Has returned. Sorry the site isn't 100%

Alan (and anyone else reading) - those warnings are NOTHING to do with security, so whilst the site's main page certainly isn't 100% in look, from a security aspect, this list of "deprecated" problems is a non-issue. (It's due to the PHP version, and wasn't "upgraded" by us...) Why AVG is returning "false positive" security warnings is a different problem, and both are being worked on. Our continued apologies for the disturbance.

AlanS
06-05-2013, 09:19
We know, and it's being dealt with. See recent posts on this thread:

http://theartofsound.net/forum/showthread.php?p=441525#post441525

It would help if you checked the new posts on the forum, relating to similar matters, before posting again elsewhere on the same subject! :doh:

Marco.

Marco

Whilst I do check new posts, the only way to use the site, the thread titled "Whats all this" does not exactly say "Here is another problem with the site" and invite interest on that topic. There are so many chatty threads as opposed to HiFi related threads I certainly don't read every new post. Perhaps in your role of interested in everything on the site you read everything. But as a mere HiFi interested member I only open threads that sound of interest.

Perhaps you or other mods can ensure titles convey a good sense of the subject on this sensitive matter.

I spent all last week trying to fix two systems which kept breaking, one of my creation and the other a supplier's. They were interdependent, using data from each other; when one failed the other went down. Every detailed comment from users helped me to build a picture as to what was going on and enabled looking in the right place to fix things. So I make no apology for trying to advise a noticeable change. Excuse my over enthusiasm for the smoother running, warning free experience of AoS, I'd like to be able to see it at work. :( a rarely used smiley.

All the best on getting on top of the problems

Marco
06-05-2013, 11:54
No worries, Alan. I appreciate that and your help. No point in dwelling on the matter any further :)

Marco.

technobear
04-06-2013, 15:04
Microsoft Security Essentials has detected Trojan:JS/IframeRef.K from this site today in a file called forum[1].htm

Beechwoods
04-06-2013, 15:44
Jesus. This is a fresh install of the latest VB4 version with all security patches. That has got to be a false positive!

keiths
04-06-2013, 15:49
Jesus. This is a fresh install of the latest VB4 version with all security patches. That has got to be a false positive!

I was even getting them yesterday afternoon when the forum was down and all that was accessible was the welcome page with the downtime announcement :lol:

Tim
04-06-2013, 18:14
All sweet here Nick, absolutely nada problems at all and I'm loving vB4 for sure.

MartinT
05-06-2013, 06:40
I've had no reports whatsoever from four different machines since the VB4 upgrade. I think some people aren't clearing their caches.

keiths
05-06-2013, 11:11
I've had no reports whatsoever from four different machines since the VB4 upgrade. I think some people aren't clearing their caches.

I ran ccleaner over the weekend and got iframe injection alerts on Monday, so I doubt caching is to blame.

Cheers,
Keith

Marco
05-06-2013, 11:15
The question is, are you still getting them now?

Marco.

keiths
05-06-2013, 11:28
The question is, are you still getting them now?

Marco.

Not accessing forum from a pc so far today, but will let Nick know when I next get one. They occur intermittently anyway and I can go days without them.

Cheers,
Keith

Marco
05-06-2013, 11:31
No worries, dude. I really don't think it's a major issue.

Marco.

keiths
05-06-2013, 11:34
No worries, dude. I really don't think it's a major issue.

Marco.

I'm sure they are false positives, but I don't see them with any other site.

Cheers,
Keith