my site has been hijacked by the above trojan (in fact all three of my installations have).
 
I have cleared out most of the offending java script from the php pages - but am stuck on three pages.
 
I have a terrible feeling that it is the database that has been comprimised and some java script has been put in the forms there. Now i am a total newbee at this and havnt a clue about sql
 
is there anyone out there who could help?
 
Kim

Dont know if you fixed it now but delete the site then run a backup ou have from before you were infected/