Yes, those are not default files. WordFence is the best for scanning once you are already infected. I would personally advise against keeping it activated after it clears up the infections though because i have only had problems with it causing sites to slow down when activated on an ongoing basis. Instead, I would advise you look at this post from the WP.net support docs about Hardening WordPress and specifically look at the the file permissions section. Also, change your admin password and change the name of WP-Admin using this plugin.
Hope this helps.