Infected? You mean somebody uploads a script to your site? Don't let them is the answer. Your host should have security and you could lock down any access other than stuff like time-limited ftp access.
Does your code allow file uploads or direct addition of data to a DB or file?
What are the methods to use to detect if a hosted file.php file is sane or not ?
I don't know how you could test to see if an obfuscated file was suspect or not other than to trace its origin. It could be totally legitimate - if you use 3rd party scripts - especially paid-for scripts. Have a look at the date changed (Unix doesn't have create times AFAIK) and any logs.
Have a look here for a list of logs on cPanel/Apache: