The Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you should do:
- Change passwords for all users, especially Administrators and Editors.
- If you upload files to your site via FTP, change your FTP password.
- Re-install the latest version of WordPress.
- Make sure all of your plugins and themes are up-to-date.
- Update your security keys.