Virus intrusion happened again. Scrubbed it out again. This time I've taken a few more steps -- turned off writability of the php files, and made sure PHP *itself* was upgraded to the latest version -- the system my provider stuck me on was on a version of PHP that was a year out of date (5.2.6 instead of the current 5.2.9).
If the virus crops up again after this, I'll have to consider a multi-day shut-down and a move to a new provider.