I have plenty experience with malware infection (WordPress, Joomla and other CMS). Also, I have experience with Google Webmaster Tools. If there are lots of file infected, will need SSH access. If not, FTP access is enough. Also, I can give you hints to prevent this kind of infections.