This is a very common malware infecting thousands of sites (Jul 2012). Some of the domains being used:
*.qxpmhnrvrkqewurq.waw.pl *.keefqnfsgqxrzlru.waw.pl *.ekkugeunekaxqolz.waw.pl *.svndeqsqughepaye.waw.pl .. more random domains ..
Those links lead to multiple exploit kits affecting desktop (Windows) users. Additional details here: http://blog.unmaskparasites.com/2012/07/26/runforestrun-now-encrypts-legitimate-js-files/.
Affecting: Sites with Plesk outdated.