even better if you have a iframe injection this one can help (I just found one of my sites attacked with the same URL.)
grep -lr -e '<iframe src="http://.*</iframe>' * | xargs sed -i 's/<iframe> src="http:\/\/.*<\/iframe>//g'
Just make sure you are not using iframes yourself ;D
Dark and difficult times lie ahead... Now is the time that we must choose between what is right, and what is easy. A.D