A few months ago I contacted 123-reg support as my hosted site became unreachable.
"Aha! Looks like you have some code injected malware!" they said
"Aha! Looks like your server's been breached then", I replied, "as my site is 100% HTML."
"Security is customers responsibility" they advised, "but you can buy our SiteScanner service to validate your web site if you like?"
"Erm, no, rogue PHP files are appearing on my site and redirecting it, that's nothing to do with my HTML files, is it?"
"It could be because you've not changed your FTP password for a while..."
Anyway, after a few more weeks of having to regularly go and repair my site I've moved to another host and will be taking my (admittedly negligible) business elsewhere.
(For the lurking reps pretending to give a toss, a bit of googling and looking at the logs suggests it's a Joomla exploit)