Since scare tactics seem to be what drives some people to take fix wordpress malware virus a bit more seriously, or at least start thinking about the problem, let me shoot a couple of scare tactics your way.
Truth is, if a competent master of the script targets your site, there is actually no way to prevent an intrusion. What you are about to read below are a few actions you can take to minimize the threat to an acceptable degree. Odds are a hacker would prefer choosing more easy victim, another if your WordPress site is well protected.
Exclude pages - This plugin provides a checkbox,"include this page useful site in menus", which can be checked by default. If you uncheck it, the page will not appear in any listings of pages (which contains, and is ordinarily restricted to, your page navigation menus).
In addition to adding a secret key to your wp-config.php file, also consider changing your user password to something that is strong and unique. WordPress will tell you the strength of your password, but include amounts, use letters, and a good idea is to avoid common phrases. It's also a good idea to change your password regularly - say once every six months.
Of course it's possible to set up more plugins to make your store like automatic backup plugin or share buttons. That's all. Your shop is up and running!