Same problem happened to me.
Only one of my ad zones had that nasty code added to the prepend column, but I've manually deleted it.
The genericText.delivery.php file had that extra line of code at the end which I've deleted.
I had a php file in the www/images directory which I've removed. I have a backup of this php file if @Ian vM or any admin would like to see it? I've been using a separate directory to serve image ads for a long time, and that directory didn't have any extra php file in it
I can change admin account passwords and the database password. Any other recommendations to prevent this attack in the future?
Thanks.