Hi,
i'm using this:
http://wordpress.org/themes/responsive v.1.9.1 . Who have made this website doesn't use child theme and have change several theme file's, so I can't upgrade theme's version so easily :(
Have activate default theme and still the same. Perhaps it was some plugin, this have so many desuse plugins that I already unnistaled but the malicious code still there in same file... :S