Get Off Those Maliciously Loaded Scripts!
Download this free Anti-Malware Plugin for WordPress.

It really won’t do any good to scan a ZIP file since there is no executable PHP code in the compressed binary ZIP. Those ZIP files would have to be uncompressed first so that you could then scan the non-binary text in the files that might contain executable code. If there is malicious code or an exploitable vulnerability on your website then it is far more likely to be something that is new and just has not been documented yet.

The best way to find the source of this infection is to pin down the exact time that the infection occurs and then check you log files to see what scripts are access at that time.