[Sam Bauers]

At the end of your pages, after the closing HTML tag there is an additional script and an iframe.

This code is not in the download tarballs, so it seems the code has been injected on your site only. You should contact your web host for assistance as your service may have been compromised.