Every WordPress site should have additional security to strengthen their site, 3 of the best are
- Wordfence Security
- iThemes Security
- BulletProof Security
You can also run external malware scans from http://sucuri.net/company for free which will run a scan and identify any possible corrupted files.
Also if you run your own server it is wise to run a malware scanner that can automatically check your filing system at set intervals Maldetect is a great choice here.
Don’t leave it too late be proactive.