AldebaranJillHi,
Just wrote this blog article about our experience:
http://aldebaranwebdesign.com/blog/wordpress-hack-causes-virusscan-alert/
Unfortunately, I didn't note the version of WordPress that the client had that apparently was compromised, it was 2.2.something. But I didn't see an exact match of this issue mentioned here, so I'm posting.
But upgrading to 2.3.3 has for the moment, resolved the issue. There's a screenshot of the warning in the article mentioned above.
