had a look at the http request... looks like one of the JavaScript pieces is making a request from updatedate.cn which is a black listed site. It won't show on Internet Explorer or Firefox unless you have the Google tool bar installed. Apple Safari has the protection mechanism build in.
here the additional info provided by Google:
transparencyreport.google.com/safe-browsing/search?url=updatedate.cn&hl=en-usThere are a number of possible reasons for this:
1) Who ever developed the site has a virus on their computer. The virus either intercepts any edits made to html content or it intercepts and alters FTP uploads. (both pretty easy to do and go unnoticed but I doubt this is the case here).
2) The web servers .htaccess has been hacked. To be more specific, a directive to write a JavaScript document.write into every HTML document has been included in the .htaccess file on the web server. This is the most plausible option and harder to detect.
Not sure who their web development company is but I would have a serious chat with them. Looks like one their developers is using some dodgy software on their development system.
BTW, the point of well developed maleware is that you don't detect it. So I am not surprised standard install of Firefox and IE don't show any warnings.
