site hacked and suspended, how to clean the php:s?

Hi! Im helping my mother with her wordpress site which has recently been hacked and therefore suspended by the web hotel one.com. They have provided a list of infected php-files, several hundred of them. They require us to clean or delete the files and remove the vulnerability before unsuspending the site, aswell as changing all passwords ofcourse.

They also sugested that i use .htaccess to protect the site. Then they would be willing to unsuspend it so that i can use the update tool to update the wordpress site.

Now, does anyone have a sugestion of how to purge all the phps without going through them manually? It seems that the malicious code is all in the first line of the files.

Also, the site was recently updated so i doubt that is the reason for the problem occuring. I know my mother in her last post put two youtube videos on the site for the first time by embedding code. She thinks this might be the reason. Any thoughts?

Thankful for all help and sugestions.