Hey Marcos,
first of all, let me thank you for your support. After downloading and checking the whole files (it's a wordpress website with nearly 8.000 files) I couldn't find any piece of the given JavaScript. Is this something that is created dynamical or perhaps was stored in a database?
I know this isn't part of your job, but maybe you can be a little more specific about the location of the malicious script so I am able to find and remove it.
In any case, thank you very much for your support.
Zentrie