Thanks, Zynthesist.
So now I'd like to remedy those, but not sure the best way to do it. I have only the simplest understanding of scripts like those, but would I be right in thinking that if the one on the server is a bigger filesize than the one one my backup, it has extra code injected, and that could be the trojan(s), within the javascript code?
If I simply replace the bigger one with the smaller one, is that likely to solve the trojan problem, and if it does, will Malwarebytes immediately stop detecting it and stop blocking the site?
Or is there a more logically safe and effective approach to take? I'm not certain that any file I use to replace with will be the latect or most compatible version of the file, or if it might break the way the original script is meant to function, if I use an out of date file.
Secondly, many of the files have two versions, eg core.js (48KB) and core.min.js (21KB), with the second about half the size of the first. Is the .min version the same code but formatted without spaces and line breaks, to minimise the filesize? If so, should I assume the core.js is also injected with the same trojan, and should I therefore replace those as well? In fact, do I even need the larger core.js at all - can I delete the larger of a pair, if I have the .min version installed? My backup has only .min versions and the site works.
Sorry, lots of questions :-)