Suspicious files in webroot

Hi there,

How can I scan for suspicious files in the webroot of my customers?
Because it happened a few times that there was some suspicious code in the top of a php file and its almost unnoticeable

Cheers