Hi bohomoth,
Good you found your way here. I am into website security just for the "good of my soul" and also because it is a darned interesting security specialty "third party cold reconnaissance" scanning. Your site issues came up with a recent VirusWatch report, so I felt the urge more or less to take a closer look and report here in the virus and worms. Good you reacted to all of this and showed an interest in enhancing your site's security.
Your visitors will be grateful for that
.
For your information I am Dutch and I "married into" Polish culture and language so-to-say
.
My advice is to further cleanse the site from questionable or less secure code. Ask your server guy(s) that host the website to send an X-Frames option header along to remove any clickjacking vulnerabilities.
groetjes/pozdrawiam, kind regards
Damian aka polonus