Umm, no, not a virus. It was an attack that injected the redirect code into the php files.
And yes, I agree that the server needs to be nuked and repaved with current versions of apache, php, and so on.
However, as we do not have remote console access in case something goes wrong and the OS will not boot, not to mention it's not 'our' machine (HLP and it's hosted sites are not the primary site, nor does it have it's name on the hosting bills/account), it's not that simple, nor is it something that I'm comfortable or willing to do.
That being said, I have made a tweak to the install at a filesystem level. I don't know for sure if it will prevent it, we will have to see, but I'm hopeful that until the server is rebuilt, it will help prevent these things.