When Google, the founder of PHP assumed it had to be a false positive. It's an easy reaction to understand; Google must be wrong, we would never do such a thing. When Google accuses you of serving malware or spam from your web site it's a humiliating outrage.
But it turned out that. The PHP guys removed the problematic code and they're back up and running (although they still haven't delivered on the post-mortem they promised).
Perhaps in reaction to the PHP incident, Google has announced that they have improved their webmaster tools to facilitate recovery of hacked sites.
The tools now include a dedicated portal for webmasters of sites identified by Google as hacked.
The new tools help you identify the problems in your site precisely and, once you have cleared them, to request a review in order to clear the block.
The site provides information on the type of problem in the site, sample URLs if available, and the date when Google last detected the issue.