Google's Anti-Malware team is running a series of blog posts as part of Cyber-Security Awareness Month to help educate users (and webmasters) about the malware threat. One of their posts highlights some best practices for webmasters to use should their site become compromised and flagged as containing malicious code.
From the post:
It's not always clear to webmasters how to go about cleaning up their sites once they've been compromised, so this time we thought we'd share some best practices.
It looks like generally good advice. Some obvious, some not so much. It is worth the 3 minutes to read it and book mark it.