Hi guys, my hosting provider notified me:

As part of our commitment to providing you with a secure hosting environment, we performed an automated scan of your domain ......... hosted on ......... and detected the following malware on your account:

Web shell:PHP/shell.evalrequest.A (Web shell)
........./plugins/cck_storage/custom/utf8-d3a.php

Please do not be alarmed, we have quarantined these files to prevent further spread of malware. You have several options to help you resolve this situation:
If you are working with a development partner, they may be able to help you clean the site.
If you are not working with a developer, we offer several paid options to help clean your site.
Finally, we also put together a guide that you can use to clean the site: https://www.a2hosting.com/kb/security/securing-a-hacked-site#a-namesectionCleanupaCleaning-up-after-a-hack
Keep in mind, since we quarantined the above files, some of your sites features may not be functioning. It is imperative that you take action on this quickly. 

Can you help me on understanding the situation ?

What is the rule of that file ?