Clean the site up, make sure all files directory's have the correct chmod and make sure all FTP accounts have been secured and passwords changed and non guessable.

the site is most likely serving corrupt .js thus doing a malware drive-by either the malware is being served straight from the site's webserver, or is being called from a remote location.

Clean the site and get incontact with the relevant search enginges and they will re-scan your site on there next scheduled visit and you'll either pass or stay blacklisted.