Yes. We understand malicious code on your WordPress installation can cause some really nasty things, so we scan each server nightly for the latest threats and code injections. Malware is automatically sent to quarantine, which is deleted every 30 days.