It seems i have been hacked
Many of the folders within the site now contain a .htaccess file with a ErrorDocument reirect to a spurious php file usually named something like 5678.php
The code in the ,.htaccess file looks like this
ErrorDocument 404 //app/code/community/Fishpig/Wordpress/etc/177843.php
So I need to clear out all the unnecessary .htaccess files so which ones do i need to keep?