First, be sure that you are looking into root-cause analysis and not the symptoms of the problem. Remember, banner82 "badware" compromises are often the result of a SQL injection attack. There are other vectors, but the existence of that code proves that there was some sort of malicious compromise, and it's critical to find out exactly how it happened.
Next, you need to work with StopBadware.org to get your site off of its list of domains known to host programs that seek to perform malicious or unwelcome actions on a user's computer, i.e. spyware, malware or deceptive adware. Google uses StopBadware.org to develop a list of potentially malicious sites and help warn users before they actually visit them. To have Google stop singling out your content, you will need to have Google re-crawl your site. Learn more about Google Webmaster Tools to do this. Failing that, send an email to firstname.lastname@example.org. The team there will help identify why your site is being flagged for badware and how to clean it up.
StopBadware.org has an excellent write-up on how it assesses websites for malicious software. Some possibilities include that the site may have had its source code altered, it may be hosting malware as an advertisement (yes, you are responsible for the ads on your site), or you may be linking to a site that is hosting malware.
This was first published in January 2009