• While cleaning up some files on our FTP, and, on every WordPress site I’ve checked so far, I’m finding files in sub-folders, with legit-sounding names (classmeta.php, sidebar-funcs.php, etc.) but in the files there’s nothing but what looks to be random variable/function declarations:
    either gibberish, “$rkqjqeqrf= ‘Oe&$C\’f’;$fzrvllczy=’lc(g’;$nbeotxtmmev =’g’;$kepchvrk =’b.p7′; $zpk=’e’;”
    or random words, “$juries=’r’; $juliann = ‘)mT’; $dictionary=’ZT’; $laughs = ‘t’; $kings= ‘”‘;”

    I haven’t seen any of these in the root directories (yet), but they’re almost always in the themes and plugins, and sometimes other subfolders, like wp-admin, wp-admin/includes, wp-includes, and wp-includes/theme-compat. I don’t think I’ve ever seen more than one of these files in a single directory. And, as yet, I’ve never seen them in the root, or wp-content. The files are usually dated sometime in 2012, even in sites that are only two months old.

    I’m hosted on GoDaddy, using various different versions of WordPress (although most are 4.0.1), and there’s no one plugin that runs across all of our WP sites (about 30 in total). Two of the affected sites are non-published, work-in-progress builds that ‘discourage search indexing.’

    My questions are these:

    1) Has anyone heard of something similar to this happening?
    2) What is causing these files to appear?
    3) How do I prevent it?
    4) Are these just ‘Black Hat SEO,’ or something more malicious?
    5) Is there a way to get rid of these files without going through 30 sites, directory by directory, and deleting them, one-by-one?

    I’m already planning to contact GoDaddy for their support as well – I’m just putting out as many cries for help as I can!

Viewing 1 replies (of 1 total)
  • 1. Yes, a lot. It’s pretty common (unfortunately, see answer 2…)

    2. They appear because your site has been hacked and the files added.

    3. Have a look at Hardening WordPress and Help! I’ve been hacked for more information.

    4. Could be either or both. Most times anything that’s $rkqjqeqrf= 'Oe&$C\'f';$fzrvl... etc is a hack that’s malicious, but it doesn’t matter, it all needs to be removed.

    5. Most likely not. I have had this myself a few times before I cleaned out some bad stuff on a couple of client sites, and the only way that I could feel happy was going through it all and looking for anything that was a bit out of place.

    There are some commercial places that can help. One of the better ones is Sucuri. I can’t say if they are good or bad but they do seem to have some support on here.
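
For the manual review described in answer 5, a scanner can shortlist files that consist almost entirely of short string-fragment assignments like the ones quoted in the question. This is an added example, not part of the original thread; the two thresholds are assumptions, and the output is a list of candidates to inspect by hand, not a verdict.

```python
import os
import re
import sys

# One statement of the form  $name = 'short literal';  (single or double quoted,
# backslash escapes allowed), which is the pattern quoted in the question.
ASSIGN = re.compile(r"""\$\w+\s*=\s*(?:'(?:\\.|[^'\\]){0,12}'|"(?:\\.|[^"\\]){0,12}")\s*;""")

MIN_ASSIGNMENTS = 5   # assumed threshold: a few such lines are normal in real PHP
MIN_DENSITY = 0.5     # assumed threshold: share of the file made of such statements


def score(source):
    """Return (count of short-literal assignments, fraction of non-space chars they cover)."""
    body = re.sub(r"<\?php|\?>", "", source)
    total = len(re.sub(r"\s+", "", body))
    matches = ASSIGN.findall(body)
    covered = sum(len(re.sub(r"\s+", "", m)) for m in matches)
    return len(matches), (covered / total if total else 0.0)


def is_suspicious(source):
    """True when the file is dominated by fragment assignments rather than real code."""
    count, density = score(source)
    return count >= MIN_ASSIGNMENTS and density >= MIN_DENSITY


def scan(root):
    """Walk a WordPress tree and return the .php files that match the heuristic."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    text = fh.read()
            except OSError:
                continue  # unreadable file: skip it, do not abort the whole scan
            if is_suspicious(text):
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    for hit in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(hit)
```

Run it against a downloaded copy of each site; comparing the remaining files against a clean WordPress download of the same version covers injected code that this pattern does not match.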
