Google and the like usually only report a site as having malware if enough people report you. I think google have also signed up to stopbadware.org a whle ago which if you get listed on you need to go through their process of getting removed to clear your name!
In terms of how this happened and proventing it, it isn't always the server you hosted on that had an issue but perhaps sometimes it can be some programming on your site as well? If I were you before you look at getting removed I'd look and why you are listed. Go through a bit of list of:
1. FTP to your site and see if you can spot any files which shouldn't be there - if they are there then delete them
2. If you do have files there then in all probability your website may have been hacked rather than the server so I'd look closely at any programming you've done / third party scripts you have used.
3. If you are absolutely sure that it's no issue on your site then go through the removals process - it usually doesn't take that long
4. If you are still having issues contacting your hosting company - the've probably seen this thing loads and can help (I know we have!!)
If none of that works let me know along with your web address and i'll have a look!
Or he has a vulnerability in his web application..?
Linux & Windows Hosting Expert - Lead Sales Engineer @ BlackMesh
Highly available enterprise cloud and physical hosting with 24x7x365 US based live support (IaaS/PaaS) FedRAMP Moderate, DISA Level 2, FISMA, PCI, HIPAA, and SSAE 16 certifications [email protected] -- 888-473-0854 x720 -- www.BlackMesh.com
I can recommend going with CentOS, its a free enterprise linux solution.
This is really a worthless 'suggestion' these malware attacks are happening on people with weak passwords and compromised passwords regardless of OS, just as many or more happen on linux as on windows.