@jojorun and tanavots: thanks for your feedback.
After I scanned my computer with MS Security Essentials, I did another scan with Malwarebytes Anti Malware, and that found another trojan. After deleting it, I've scanned with Gmer, and this reported a suspicious hidden service. After deleting this service, my system was nearly unusable (no taskbar, no more networking, no more moving and copying of files from the explorer), so I decided to set it up anew (it needed some thorough cleaning anyway).
In the meantime I further looked for information about the HTML/SrcInject.B.Gen virus, but was not able to find something really useful. So I still have no clue, where to look for possibly infected files (checking all <script>s manually is quite pointless due to the many JS files of tinyMCE, which could be infected as well). I furthermore searched for related information (e.g. any infection of tinyMCE or jQuery), but I didn't find anything (besides that there are domains with similar names to http://jquery.com/
that offer manipulated jQuery files).
Something really useful I found while googling is http://sitecheck.sucuri.net/scanner/
, where one can scan a website for malware.
As others haven't found anything suspicious, I assume
the ZIPs don't contain any malware.
@twc: do you have any news about the issue?