Suspicious files on website with CMS insecurities....

Viruses and worms
1

See: http://killmalware.com/mr-smart.ru/
Nothing detected here: https://www.virustotal.com/nl/url/5af7bd620a9df6a7ebd4fd6e4886b7b884248604d5a86098acb0af32f653698b/analysis/
javascript malware detected and server errors:
SSUE DETECTED DEFINITION INFECTED URL
Website Malware MW:JS:GEN2?web.js.malware.default550_com.001 -http://mr-smart.ru
Website Malware MW:JS:GEN2?web.js.malware.default550_com.001 -http://mr-smart.ru/404testpage4525d2fdc
Internal Server Error 500-error?v1 -http://mr-smart.ru/contact
Internal Server Error 500-error?v1 -http://mr-smart.ru/uslugi/
Internal Server Error 500-error?v1 -http://mr-smart.ru/zapravka-vosstanovlenie-kartridzhej/
Internal Server Error 500-error?v1 -http://mr-smart.ru/videonablyudenie/

Web application details:
Application: WordPress 3.6 - http://www.wordpress.org

Web application version:
WordPress version: WordPress 3.6
Wordpress Version 3.6 based on: -http://mr-smart.ru/wp-admin/js/common.js
RevSlider version: 3.6
WordPress theme: -http://mr-smart.ru/wp-content/themes/system/
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.2

The following plugins were detected by reading the HTML source of the WordPress sites front page.

page-scroll-to-id 1.5.9 latest release (1.6.0) Update required
http://manos.malihu.gr/page-scroll-to-id
wp-super-cache 1.4.2 latest release (1.4.6) Update required
http://wordpress.org/plugins/wp-super-cache/
revslider
LayerSlider
wordpress-seo 1.4.18 latest release (2.3.5) Update required
https://yoast.com/wordpress/plugins/seo/
wp-retina-2x 2.6.0 latest release (3.5.4) Update required
http://www.meow.fr
mailchimp 1.4.2

Warning User Enumeration is possible &
Detected libraries:
jquery-migrate - 1.2.1 : -http://mr-smart.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.10.2 : (active1) -http://mr-smart.ru/wp-includes/js/jquery/jquery.js?ver=1.10.2
(active) - the library was also found to be active by running code
1 vulnerable library detected

polonus