Hacked - Redirect is somewhere on my website!!(repost)

My website was hacked about 3 weeks ago. The jist of it was that he trying to use our website for adwords and then redirect to his bunk adsense site. I have spent numerous hours on this with my web hosting company and they can't find the redirect. I'm not so worried about them being on Google as I have formally complained to them and I think they have taken his ads down. What I am worried about is that there was obviously a redirect on the website and we can't find it. We think it's an iframe issue but not sure. That being said, I would like to know what that redirect is and I want it taken off the website ASAP. Initially, if you can find this without going into FTP that would be my preference. If this is not possible, then I can send over pages or whatever is needed from the website. One other thing, there is a dojo toolkit on the server and my hosting company is sniffing down that trail (there is an iframe in there).....is dojo supposed to be on a server? Here's the URL: <[login to view URL]> ## Deliverables 1) All deliverables will be considered "work made for hire" under U.S. Copyright law. Employer will receive exclusive and complete copyrights to all work purchased. (No 3rd party components unless all copyright ramifications are explained AND AGREED TO by the employer on the site per the worker's Worker Legal Agreement). * * *This broadcast message was sent to all bidders on Friday Sep 24, 2010 2:34:56 PM: Hey guys, thought Google took this down so I wasn't able to give you an example of what is happening....but now it's back up. You can see the redirect by typing in "sleep apnia". They will be a sponsered link on the right side that says "Sleep Apnea Treatment Get the top 10 Fixes here..." and when you click on the link it goes to their website. * * *This broadcast message was sent to all bidders on Friday Sep 24, 2010 3:45:24 PM: Just to clarify. My website url is www(dot)sleeprxonlone(dot)com...but te link is going to some clinic directory website. He is using my url so obviously its been verified with a google adwords code, but we can not find it anywhere. * * *This broadcast message was sent to all bidders on Saturday Sep 25, 2010 2:13:52 PM: There is no obvious redirect here. My hosting company has combed through the site....but there is either a .js redirect or active x issue where google doesn't detect it... ## Platform I think its windows.