When you see the dreaded Google attack site warning, you should immediately submit a ticket. Be sure to include your domain name because we will need to locate the virus that caused the issue and take steps to secure your account.
Note: This will only happen in Firefox because Mozilla has a relationship with Google. Google cannot actually change your website.
Once the account has been cleaned and secured please follow below steps -
Step 1: Install a new anti-virus program. Obviously this virus knows how to evade detection of the current anti-virus. It doesn't matter what's being used currently, you have to install something different.
Step 2: Login to your control and change your FTP password. Write it down at this point DO NOT ACCESS YOUR SITE with FTP until you finish all of these steps.
Step 3: Scan and clean every PC that has FTP access to your site. This is also a must. Otherwise you have no idea who's PC it is. Do not give the new FTP passwords to anyone until after you have finished all of these steps.
Step 4: Remove the malicious code from your webpages. If you have a known good back-up, use that. If not, download your site (yes you'll have to type in the new password, but hopefully you're already scanned and cleaned your PC). Then open each file in your HTML editor and find the infectious code. This particular malscript usually hides immediately after the opening body tag, but we've also seen it at the end of files. You'll have to check every file on your website not just index files or just html files. Check every file on your website even .js and .css files.
Step 5: Change your FTP passwords again.
Step 6: Please request a delisting through your Google Webmaster account. This is not something that Team Overline India can do for you. The excerpt below was copied from Google, and gives you step by step instructions to request a delisting.
http://www.google.com/support/webmasters/bin/answer.py?answer=45432
Once you have reviewed your site and are sure it is clean, you can can submit a request for review. Note, you will need to verify site ownership before you can request a site review.
- Sign in to Webmaster Tools with your Google account.
- On the Dashboard, select the site you want.
- On the Overview page, click Request a review and follow the instructions.
Then you should have that issue again.
This is not the result of a faulty script or weak FTP passwords. It's the result of a virus on PC with FTP access to the infected website.
How does a website infected by Google Attack?