First, be sure that you are looking into root-cause analysis and not the symptoms of the problem. Remember, banner82 "badware" compromises are often the result of a SQL injection attack. There are other vectors, but the existence of that code proves that there was some sort of malicious compromise, and it's critical to find out exactly how it happened.
Next, you need to work with StopBadware.org to get your site off of its list of domains known to host programs that seek to perform malicious or unwelcome actions on a user's computer, i.e. spyware, malware or deceptive adware. Google uses StopBadware.org to develop a list of potentially malicious sites and help warn users before they actually visit them. To have Google stop singling out your content, you will need to have Google re-crawl your site. Learn more about Google Webmaster Tools to do this. Failing that, send an email to firstname.lastname@example.org. The team there will help identify why your site is being flagged for badware and how to clean it up.
StopBadware.org has an excellent write-up on how it assesses websites for malicious software. Some possibilities include that the site may have had its source code altered, it may be hosting malware as an advertisement (yes, you are responsible for the ads on your site), or you may be linking to a site that is hosting malware.
Dig Deeper on Application attacks (buffer overflows, cross-site scripting)
Related Q&A from John Strand
Expert John Strand reveals an interesting way of addressing man-in-the-middle attacks. Continue Reading
Expert John Strand explains how to shore up security as you plan a large-scale advertising campaign. Continue Reading
Expert John Strand reveals two exciting trends in antivirus software. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.