Malware issue with wordpress Blog

My clients server was hacked and had malware installed on it. The client never had any backups made of his site or blog prior to the attack. Also the client didn’t install any new apps popups counters or anything on the wordpress blog that could be creating the malware. I am wondering if any one has a better suggestion for removing this from his sites with out having to search file by file to remove the corrupted code. Its a customized wordpress blog.

DreamHost has some backups available that can be restored using the control panel, they go as far as 2 weeks ago, it is somewhere there on the interface, of course this also means that if you restore the site from 2 weeks ago any data added after that will have been lost.