I recently discovered a massive amount of spam pages in my sites indexed page results on Google. I have reason to believe they existed as far back as last fall, but only after recent Google DC upgrades did a deeper index of my site appear. (800 plus "true" pages to now over 7000 indexed pages) I am unable to fully view all of these 7000+ pages in their index.

I have removed the spammer’s code from my sites and changed passwords, directory security, etc.. (He/she/it created a custom 404 page that feature text ad links to other sites)

I have taken the links that I am aware of plus the bad ones listed on my Google sitemaps report and have included these under disallow in my robots.txt file. (I have not specifically placed under the listing for the googlebot)

I am wondering what to do next. What keeps me in the state of "wondering" is the conflicting information that is out there.

Here are my concerns:

I have already witnessed a drop in Adsense revenue, most likely due to a drop in ranking on several keywords.

This is the only method that I am using to monetize these sites.

I have not been banned or completely removed from Google's index, so I am unsure if a re-inclusion request is the right thing.

I also do not want to remove my site for obvious reasons.
From what I gather I am already following the process of individual URL removal by tagging the spammer pages with a disallow in my robots file.

I have set up a custom 404 that suggests other pages on the site.

Having said all this, should I use any other method to notify Google?
If so what methods are recommended? (Online forms, email, burnt offerings, flowers, indentured servitude, etc...)

I dread facing 8+ months of no indexed files and minimal adsense revenue.