Hi Mikoz_01,
yes, the reason might be that you was previously infected and thus the attackers has your site "listed". What I can recommend is checking your logs whether any other files are accessed from outside (might be some leftovers of the infection) and if these are still active and "answering" the attackers, they might to see this as a "green light" for trying to hack your site over and over. Right now, I didn't notice anything suspicious on your site and even our SiteCheck returns your site as clean. Maybe you could be interested in applying another security level - Web Application Firewall. You can read more about our WAF here: http://cloudproxy.sucuri.net/features but there are surely also other products - it's just up to your decision.