Hey, Currently my blog (Arsenal FC Blog) is listed on Google as having the potential to harm users' computers. I have no idea what has happened to make this message pop up but I have had a couple of emails from users saying that it attempts to download a Trojan (which is quite easily blocked by Virus Protection Software) onto their computer. Does this mean a file on my blog is corrupt? What else could the problem be? How would I go about fixing it? Cheers in advance for any assistance because for the last however long I've not been able to attract many new readers...
Your site looks very clean to me. No detection of bad ads or pop up. Use this to solve your problem http://www.google.com/support/webmasters/bin/answer.py?answer=45432
What version of WP are you running, there are recent XSS (cross site scripting attacks) that have been corrected. More then likely, G. might be detecting a script running in background in one of your form fields.
Thanks for your help. Have since updated Wordpress and submitted a review to Google. Hopefully it will come back positive. I'm losing about 150-200 visitors a day who normally visit my site via Google. It doesn't sound like a lot but that's 150 potential subscribers down the drain!!!
Just by updating your WP may not fix the problem. If some code (i.e. javascript) has been stored in your database, it will be there even if you upgraded. For example, each time someone displays comments (and this is where the attack happened), your visitor will be attacked. You could do a test of your own, if you use FireFox, get the addon NoScript, visit your site with NoScript active. It will warn you if you have an XSS vulnerability on your site. Make sure you go into the options in NoScript and look for the XSS tab. Enable all check boxes. phplife
webs, based on your Google diagnostics report, your site was a victim of the widespread "wp-stats" attack that infected vulnerable WordPress blogs. Upgrading to the latest WordPress will resolve the vulnerability, but as phplife said, that's not enough. You'll find that your site pages have references to malicious sites (see your diagnostic page or do a web search on wp-stats to see the specific sites. Search all your pages and remove all the references to the "wp-stats" site and references to the associated IP address. If you've already done all that, have you requested a review at Google or StopBadware? I ask because Google says it last crawled your site on the 22nd, which is quite a while ago. When they find the badware gone, they're usually quicker than that about removing the flag. If you requested a review from StopBadware, they wouldn't have reviewed the site over this holiday weekend, but Google would. If the flag doesn't get lifted: You also have outlinks to many sites. If any of those sites are flagged, yours can be flagged for it. Do a Google site: search on each. You also have a Flash file. If it's old, outdated, or maliciously scripted, that can be a reason to be flagged, too.
That message means that any flagged site will remain displaying such warning message until a site's owner contact either Antiphishing.org or StopBadware.org explaining what is his/her site about and providing any proof required to clear his/her site's name out. One of my sites suffered a hacking attempt a while back and despite the hackers were not able to process the index.php because my site was on a Windows server with a default.asp page instead, that attempt was enough to get it flagged for a week or so. After contacting StopBadware.org I got my site back on Google's index without warning so no update or upgrade to any script will work if any of those websites are contacted. I believe someone might be using the OP's domain name maliciously due to the name "arsenal"