Have I got a virus in Node-red?

Short answer: yes

Others have been affected by it this weekend: Missing and mysterious new flows

It comes as a result of you exposing node-red on the internet with no security applied.

Without doing a careful examination of what that script does, the only safe way to be sure is to reinstall the server. And make sure you secure node-red properly before considering exposing it on the internet. If you removed it without securing node-red, there's nothing stopping them from redeployed their flow.