yes. it does seem that the googlecodehosting was somehow injected into one of my ad-zones.
Software has been upgraded and updated (including the PHP on the server itself), and now it’s been re-submitted for review to Google to have the malware alerts removed.