Malware is code designed to exploit and infect the person visiting a website. This is done by either compromised FTP accounts or from a code exploit on a hosted website (SQL injections, file upload, PHP script, etc).
The code embedded in your site will tend to be one of the two examples:
- Hidden Iframe - When a user visits the site, they see the site normally but a hidden frame sends infected code to the visitor.
Here are a few additional resources to help prevent malware on your server:
For more information, see: http://en.wikipedia.org/wiki/Malware.