So in a hosting account with a few Wordpress installations, there are several files that have been injected with malicious code. The web host says I will need to remove the malicious lines of base 64 code and secure the account against future attacks. There is a list of probably at least 200 files. Many are in the wp-admin, wp-includes, wp-content/themes and a few others I created trying to learn php/mysql and understand all this stuff better.
Any suggestions on what to do or how to remedy this? This all might as well be written in Chinese as I have no idea what to do. I looked at a few of the files I created and nothing jumps out at me as being out of place so can't see any "malicious lines of base 64 code".