This part of the code there is suspicious:
-foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3 suspicious
[suspicious:2] (ipaddr:176.9.40.38) (script) -foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3
status: (referer=-foto.pro-digiworld.info/)saved 9986 bytes fd7e089a6c10d591dc15faf54395bb5a8b74a1ea
info: [img] -foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/
info: [decodingLevel=0] found JavaScript
suspicious, see:
http://urlquery.net/queued.php?id=15509polonus